Security News

Fake zero-day PoC exploits on GitHub push Windows, Linux malware
2023-06-14 10:00

Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware. These malicious exploits are promoted by alleged researchers at a fake cybersecurity company named 'High Sierra Cyber Security,' who promote the GitHub repositories on Twitter, likely to target cybersecurity researchers and firms involved in vulnerability research.

Chinese hackers used VMware ESXi zero-day to backdoor VMs
2023-06-13 16:48

VMware today patched a VMware ESXi zero-day vulnerability exploited by a Chinese-sponsored hacking group to backdoor Windows and Linux virtual machines and steal data. The cyber espionage group (tracked as UNC3886 by cybersecurity firm Mandiant, which discovered the attacks) abused the CVE-2023-20867 VMware Tools authentication bypass flaw to deploy VirtualPita and VirtualPie backdoors on guest VMs from compromised ESXi hosts where they escalated privileges to root.

Clop ransomware likely testing MOVEit zero-day since 2021
2023-06-08 22:45

The Clop ransomware gang has been looking for ways to exploit a now-patched zero-day in the MOVEit Transfer managed file transfer solution since 2021, according to Kroll security experts. "Kroll observed activity consistent with MOVEit Transfer exploitation that collectively occurred on April 27, 2022; May 15-16, 2023; and May 22, 2023, indicating that actors were testing access to organizations via likely automated means and pulling back information from the MOVEit Transfer servers to identify which organization they were accessing," the report reveals.

Exploited zero-day patched in Chrome (CVE-2023-3079)
2023-06-07 09:56

Google has fixed a high-severity vulnerability in the Chrome browser that is being exploited by attackers. "Google is aware that an exploit for CVE-2023-3079 exists in the wild," the Chrome team says.

Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now
2023-06-06 18:28

The second reserves 64 bits for storing a memory address where the text string of a customer's name can be found. As you can imagine, you'd better not mix up these two values, because a number that makes sense, and is safe, to use as a day number, such as 23157, would almost certainly be unsafe to use as a memory address.

Android security update fixes Mali GPU bug exploited as zero-day
2023-06-06 13:19

Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December. The new security patch level 2023-06-05 integrates a patch for CVE-2022-22706, a high-severity flaw in the Mali GPU kernel driver from Arm that Google's Threat Analysis Group believes may have been used in a spyware campaign targeting Samsung phones.

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America
2023-06-06 12:48

MOVEit is managed file transfer software from Progress, an application development and digital experience technologies provider. Aspx is the native file used by MOVEit Transfer for its web interface.

Google fixes new Chrome zero-day flaw with exploit in the wild
2023-06-06 11:27

Google has released a security update for Chrome web browser to address the third zero-day vulnerability that hackers exploited this year. Withholding technical information is the usual stance from Google when a new security issue is found.

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!
2023-06-06 10:21

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine.