Zoom zero-day discovery makes calls safer, hackers $200,000 richer

Two Dutch white-hat security specialists entered the annual computer hacking contest Pwn2Own, managed to find a Remote Code Execution (RCE) flaw in Zoom and are $200,000 USD better off than they were before. Pwn2Own is a high-profile event organized by the Zero Day Initiative that challenges hackers to find serious new vulnerabilities in commonly used software and mobile devices. The … [Read more...]

SAP warns of malicious activity targeting unpatched systems

A timely warning to keep systems patched has appeared, via a jointly-released report from Onapsis and SAP. The report details how threat actors are “targeting and potentially exploiting unprotected mission-critical SAP applications”. Some of the vulnerabilities used were weaponised fewer than 72 hours after patches were released. In some cases, a newly deployed SAP instance could be compromised in … [Read more...]

The npm netmask vulnerability explained so you can actually understand it

The popular npm netmask library recently encountered a serious problem, explained as follows: The npm netmask package incorrectly evaluates individual ipv4 octets that contain octal strings as left-stripped integers, leading to an inordinate attack surface on hundreds of thousands of projects that rely on netmask to filter or evaluate ipv4 block ranges, both inbound and outbound. Got that? … [Read more...]

ProxyLogon PoCs trigger a game of whack-a-mole

As we reported recently, the use of the Microsoft Exchange Server ProxyLogon vulnerabilities has gone from “limited and targeted attacks” to a full-size panic in no time. Criminal activities, ranging in severity from planting crypto-miners to deploying ransomware, and conducted by numerous groups, have quickly followed the original exploitation by APT groups to spy on organizations. With the … [Read more...]

Update now! Chrome fix patches in-the-wild zero-day

The Microsoft Browser Vulnerability Research team has found and reported a vulnerability in the audio component of Google Chrome. Google has fixed this high-severity vulnerability (CVE-2021-21166) in its Chrome browser and is warning Chrome users that an exploit exists in the wild for the vulnerability. It is not the first time that Chrome’s audio component was targeted by an exploit. No … [Read more...]

Patch now! Exchange servers attacked by Hafnium zero-days

Microsoft has detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Microsoft attributes the attacks to a group they have dubbed Hafnium. “HAFNIUM primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education … [Read more...]

Update now! Chrome patches zero-day that was exploited in the wild

A Chrome patch has been issued with an advisory stating that the Stable channel has been updated to 88.0.4324.150 for Windows, Mac and Linux. The only noteworthy thing about this update is a patch for a zero-day vulnerability that has been actively exploited in the wild. But that one looks to be extremely important. Which zero-day got patched? Publicly disclosed computer security flaws are … [Read more...]

RDP abused for DDoS attacks

We have talked about RDP many times before. It has been a popular target for brute force attacks for a long time, but attackers have now found a new way to abuse it. Remote access has become more important during the pandemic, with as many people as possible trying to work from home. Which makes it all the more important to configure RDP services in a secure way. Quick recap of RDP: RDP is … [Read more...]

DNSpooq bugs haunt dnsmasq

The research team at JSOF found seven vulnerabilities in dnsmasq and have dubbed them DNSpooq, collectively. Now, some of you may shrug and move on, probably because you haven’t heard of dnsmasq before. Well, before you go, you should know that dnsmasq is used in a wide variety of phones, routers, and other network devices, besides some Linux distributions like Red Hat. And that’s just a … [Read more...]

The story of ZeroLogon

This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After it was discovered by researchers, the vulnerability was patched and that should have been the end of the story. Unfortunately the patch caused problems of its own, which made it very unpopular. Cybercriminals seized the opportunity to use the vulnerability for their own purposes. This … [Read more...]