Hacking

Pierluigi Paganini May 22, 2024
Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!

GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentication bypass issue, tracked as CVE-2024-4985 (CVSS score: 10.0), in the GitHub Enterprise Server (GHES). GitHub Enterprise Server (GHES) is a self-hosted version of GitHub designed for use […]

Pierluigi Paganini May 21, 2024
Experts warn of a flaw in Fluent Bit utility that is used by major cloud platforms and firms

A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE. Tenable researchers have discovered a severe vulnerability in the Fluent Bit utility, which is used on major cloud platforms. Fluent Bit is an open-source, lightweight, and high-performance log processor and forwarder. It […]

Pierluigi Paganini May 21, 2024
Experts released PoC exploit code for RCE in QNAP QTS

Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor’s NAS products. An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabilities, most of which have yet to be addressed. The most severe vulnerability is a flaw tracked as CVE-2024-27130. The issue is an unpatched stack buffer […]

Pierluigi Paganini May 20, 2024
Two students uncovered a flaw that allows to use laundry machines for free

Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and air vending solutions for multifamily housing, academic institutions, hospitality, and other commercial sectors. They manage and operate many internet-connected laundry machines and systems, offering services such […]

Pierluigi Paganini May 19, 2024
Healthcare firm WebTPA data breach impacted 2.5 million individuals

WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people. According to the report sent by the WebTPA to the U.S. Department of Health and […]

Pierluigi Paganini May 19, 2024
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks

Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea.  Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir. The malware is a version of the GoBear backdoor which was delivered in a recent campaign by […]

Pierluigi Paganini May 18, 2024
North Korea-linked IT workers infiltrated hundreds of US firms

The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Justice Department unsealed charges against an Arizona woman, a Ukrainian man, and three unidentified foreign nationals accused of aiding overseas IT workers, pretending to be U.S. citizens, to infiltrate hundreds of firms in […]

Pierluigi Paganini May 17, 2024
Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors named LunarWeb and LunarMail that were exploited to breach European ministry of foreign affairs. The two backdoors are designed to carry out a long-term compromise in the target network, data […]

Pierluigi Paganini May 17, 2024
City of Wichita disclosed a data breach after the recent ransomware attack

The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas’s city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. The city immediately started its incident response procedure to prevent […]

Pierluigi Paganini May 17, 2024
CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog

CISA adds two Chrome zero-day vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1,2] the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-4761 Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that […]