Security News

“Log4Shell” Java vulnerability – how to safeguard your servers
2021-12-10 19:22

The bug, now officially denoted CVE-2021-44248, involves sending a request to a vulnerable server in which you include some data - for example, an HTTP header - that you expect the server will write to its logfile. Not just any old download: if the data that comes back is a valid Java program, then the server runs that file to "help" it generate the logging data.

Minecraft rushes out patch for critical Log4j vulnerability
2021-12-10 16:20

Swedish video game developer Mojang Studios has released an emergency Minecraft security update to address a critical bug in the Apache Log4j Java logging library used by the game's Java Edition client and multiplayer servers. The vulnerability is fixed with the release of Minecraft: Java Edition 1.18.1, which is now rolling out to all customers.

Moobot botnet spreading via Hikvision camera vulnerability
2021-12-08 08:27

A Mirai-based botnet called 'Moobot' is spreading aggressively by exploiting a critical command injection flaw in the webserver of many Hikvision products. Among the various payloads that leverage CVE-2021-36260, Fortinet found a downloader masked as "MacHelper," which fetches and executes Moobot with the "Hikivision" parameter.

Grafana fixes zero-day vulnerability after exploits spread over Twitter
2021-12-07 22:46

Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files. Earlier today, Grafana 8.3.1, 8.2.7, 8.1.8, and 8.0.7 were released to fix a path traversal vulnerability that could allow an attacker to navigate outside the Grafana folder and remotely access restricted locations on the server, such as /etc/password/.

Vulnerability Scanning Frequency Best Practices
2021-12-06 04:22

So you've decided to set up a vulnerability scanning programme, great. If you're not sure about that yet - check out this comprehensive vulnerability scanning guide.

Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)
2021-12-03 10:34

An APT group is leveraging a critical vulnerability in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech. CVE-2021-44077 is an authentication bypass vulnerability that affects ManageEngine ServiceDesk Plus installations using versions 11305 and earlier.

CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability
2021-12-03 05:34

The U.S. Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities. Tracked as CVE-2021-44077, the issue relates to an unauthenticated, remote code execution vulnerability affecting ServiceDesk Plus versions up to, and including, 11305 that if left unfixed "allows an attacker to upload executable files and place web shells that enable post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files," CISA said.

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS
2021-12-02 19:42

Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation on vulnerable systems. Tracked as CVE-2021-24084, the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain unauthorized file system access and read arbitrary files.

The importance of vulnerability management for your organization
2021-12-02 07:00

For any organization that relies on continuous availability of their computer network for regular operations, vulnerability scans should be run at least monthly and even more frequently for organizations that collect and/or process personal or sensitive data. An important component in combating a potential attack is implementing vulnerability scanning to detect and classify network, application, and security vulnerabilities.

8-year-old HP printer vulnerability affects 150 printer models
2021-11-30 13:00

Researchers have discovered several vulnerabilities affecting at least 150 multi-function printers made by Hewlett Packard. F-Secure's Bolshev and Hirvonen used an HP M725z multi-function printer unit as their testbed to discover the above flaws.