Pierluigi Paganini
May 27, 2024
Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software. Cisco addressed a vulnerability, tracked as CVE-2024-20360 (CVSS score 8.8), in the web-based management interface of the Firepower Management Center (FMC) Software. The vulnerability is a SQL injection issue, an attacker can exploit the flaw to obtain […]
Pierluigi Paganini
May 26, 2024
The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of surge in in cyberattacks linked to the financially-motivated threat actor UAC-0006. UAC-0006 has been active since at least 2013. The threat actors focus on compromising accountants’ PCs (which […]
Pierluigi Paganini
May 26, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fake AV websites used to distribute info-stealer malware MITRE December 2023 attack: Threat actors created rogue […]
Pierluigi Paganini
May 26, 2024
Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for the Justice AV Solutions JAVS Viewer software. The attackers were able to inject a backdoor in the JAVS Viewer v8.3.7 installer that is being distributed from […]
Pierluigi Paganini
May 25, 2024
Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advanced Research Center team spotted multiple fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE and Inno setup installer, including Spy […]
Pierluigi Paganini
May 25, 2024
The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. The security team at the organization […]
Pierluigi Paganini
May 24, 2024
GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835, that allows attackers to take over user accounts. An attacker can exploit this issue by using a specially crafted page to exfiltrate sensitive user information. The vulnerability impacts versions 15.11 before […]
Pierluigi Paganini
May 24, 2024
Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a new vulnerability, tracked as CVE-2024-5274, in the Chrome browser, it is the eighth zero-day exploited in attacks disclosed this year. The vulnerability is a high-severity […]
Pierluigi Paganini
May 24, 2024
CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healthcare Mirth Connect vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2020-17519, is an improper access control vulnerability in Apache Flink. Apache Flink contains an improper access […]
Pierluigi Paganini
May 24, 2024
The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provided by vendors like Fortinet or QNAP, carries cybersecurity implications. It increases the discoverability of customer devices by attackers. Advisory on security impacts related […]
