Security Affairs

SEPTEMBER 8, 2023

North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers. The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). ” reads the advisory published by Google TAG.

Cybersecurity 114

Cybersecurity Encryption Security IT 114

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Apple this week released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild.

Security 113

Security Risk Government IT 113

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. Google’s TAG tracked the activity of around 40 CSVs focusing on the types of software they develop. ” reads the report published by Google. ” concludes Google.

Government 115

Government Sales Risk IT 115

Schneier on Security

NOVEMBER 21, 2023

TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. To ensure protection against these types of exploits, TAG urges users and organizations to keep software fully up-to-date and apply security updates as soon as they become available. It has been patched.

Security 92

Security Authentication Government IT 92

Security Affairs

JULY 13, 2023

Zimbra has released updates to address a zero-day vulnerability actively exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Zimbra urges customers to manually install updates to fix a zero-day vulnerability that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers.

Authentication 97

Authentication Cloud Security IT 97

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Cybersecurity 93

Cybersecurity Education Risk Security 93

Security Affairs

JUNE 19, 2022

A critical vulnerability in Ninja Forms plugin potentially impacted more than one million WordPress websites. The researchers believe that this vulnerability is being actively exploited in the wild, it has been rated with a CVSS score of 9.8. The vulnerability resides in the Merge Tag feature of the plugin.

Cybersecurity 122

Cybersecurity Security IT Information Security 122

Security Affairs

APRIL 2, 2024

A cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin can lead to malicious script injection. Researchers from Defiant’s Wordfence research team disclosed a cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin that can lead to malicious script injection.

Access 125

Access IT Information Security Security 125

Security Affairs

DECEMBER 8, 2022

North Korea-linked APT37 group (aka ScarCruft , Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128 , in attacks aimed at South Korean users. “These malicious documents exploited an Internet Explorer 0-day vulnerability in the JScript engine, CVE-2022-41128. .

IT 99

IT Security Information Security 99

Security Affairs

OCTOBER 25, 2023

ESET researchers pointed out that is a different vulnerability than CVE-2020-35730 , that the group exploited in other attacks. In recent attacks, the group was observed exploiting a XSS vulnerability, tracked as CVE-2023-5631 , by sending a specially crafted email message. The vulnerability affects Roundcube versions 1.6.x

Military 119

Military Government Phishing IT 119

Security Affairs

AUGUST 2, 2023

Although the leaked data itself wouldn’t be sufficient to gain complete control over the website, it could significantly simplify the process of a potential takeover for attackers, especially if they manage to identify other vulnerable endpoints. Google Tag Manager ID specifies which tag manager container should be used by the website.

Passwords 98

Passwords Analytics Access Risk 98

Security Affairs

JANUARY 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two Qlik Sense vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Libraries 117

Libraries IT Cybersecurity Risk 117

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm.

Archiving 103

Archiving Risk Government IT 103

Security Affairs

JULY 23, 2023

Researchers reported that more than 15000 Citrix servers exposed online are likely vulnerable to attacks exploiting the vulnerability CVE-2023-3519. The IT giant warns of the availability of exploits for this vulnerability that have been observed in attacks against unmitigated appliances. reads the advisory published by CISA.

Cybersecurity 97

Cybersecurity Cloud Encryption Passwords 97

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. Google’s Threat Analysis Group (TAG) shared details about two distinct campaigns which used several zero-day exploits against Android, iOS and Chrome. links sent over SMS to users.

Archiving 96

Archiving Access Risk Security 96

Security Affairs

NOVEMBER 30, 2023

Apple released emergency security updates to address two zero-day vulnerabilities impacting iPhone, iPad, and Mac devices. The first vulnerability, tracked as CVE-2023-42916, is an out-of-bounds read. The second vulnerability, tracked as CVE-2023-42917, is a memory corruption vulnerability. ” reads the advisory. .

Security 125

Security IT Information Security 125

Security Affairs

OCTOBER 18, 2022

HelpSystems, the company that developed the Cobalt Strike platform, addressed a critical remote code execution vulnerability in its software. HelpSystems, the company that developed the commercial post-exploitation toolkit Cobalt Strike, addressed a critical remote code execution vulnerability, tracked as CVE-2022-42948, in its platform.

IT 115

IT Security Information Security 115

Security Affairs

OCTOBER 4, 2023

Apple released emergency security updates to address a new actively exploited zero-day vulnerability impacting iPhone and iPad devices. Apple released emergency security updates to address a new zero-day vulnerability, tracked as CVE-2023-42824, that is exploited in attacks targeting iPhone and iPad devices.

Security 119

Security IT Information Security 119

Security Affairs

NOVEMBER 12, 2021

Google revealed that threat actors recently exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. Pierluigi Paganini.

Encryption 139

Encryption IT Security Information Security 139

Security Affairs

APRIL 9, 2024

The company included the V8 Sandbox in Chrome’s Vulnerability Reward Program (VRP). “V8 vulnerabilities are rarely “classic” memory corruption bugs (use-after-frees, out-of-bounds accesses, etc.) Google has announced support for what’s called a V8 Sandbox in the Chrome web browser.

Access 120

Access IT Security Information Security 120

Security Affairs

DECEMBER 20, 2023

Google has released emergency updates to address a new actively exploited zero-day vulnerability in the Chrome browser. Google has released emergency updates to address a new zero-day vulnerability, tracked as CVE-2023-7024, in its web browser Chrome. The vulnerability is a Heap buffer overflow issue in WebRTC.

Libraries 123

Libraries Access IT Information Security 123

Security Affairs

DECEMBER 1, 2023

US CISA added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability impacts ownCloud owncloud/graphapi 0.2.x

IT 104

IT Libraries Cybersecurity Passwords 104

Security Affairs

DECEMBER 12, 2023

Clément Lecigne of Google’s Threat Analysis Group discovered both vulnerabilities. The fact that the issues were discovered by Google TAG suggests they were exploited by a nation-state actor or by a surveillance firm. Addressed issues include CVE-2023-42916 and CVE-2023-42917 which Apple fixed at the end of November.

Security 117

Security IT Information Security 117

Security Affairs

FEBRUARY 5, 2024

The Ivanti SSRF vulnerability tracked as CVE-2024-21893 is actively exploited in attacks in the wild by multiple threat actors. The Ivanti Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2024-21893 , is currently being actively exploited in real-world attacks by various threat actors. x), Policy Secure (9.x,

Authentication 110

Authentication Security Access IT 110

Security Affairs

MARCH 19, 2021

Experts found vulnerabilities in two WordPress plugins that could be exploited to run arbitrary code and potentially take over a website. Security researchers disclosed vulnerabilities in Elementor and WP Super Cache WordPress plugins that could be exploited to run arbitrary code and take over a website under certain circumstances.

Authentication 131

Authentication Security Access IT 131

Security Affairs

APRIL 13, 2022

The Apache Software Foundation urges organizations to address a vulnerability, tracked as CVE-2021-31805, affecting Struts versions ranging 2.0.0 An attacker could trigger this vulnerability to take control of an affected system. Apache Struts is an open-source web application framework for developing Java EE web applications.

Cybersecurity 137

Cybersecurity Security IT Information Security 137

Krebs on Security

AUGUST 9, 2022

Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows.

Authentication 230

Authentication Access IT Security 230

Security Affairs

JULY 30, 2023

The popular Threat Analysis Group (TAG) Maddie Stone wrote Google’s fourth annual year-in-review of zero-day flaws exploited in-the-wild [ 2021 , 2020 , 2019 ], it is built off of the mid-year 2022 review. ” reads the report published by Google TAG. 0-clicks usually target components other than the browser. .

IT 96

IT Security Information Security 96

Security Affairs

JULY 8, 2023

Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. ” reads the security bulletin.

Libraries 98

Libraries Security Access IT 98

Security Affairs

DECEMBER 14, 2022

Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. 12 of these vulnerabilities were submitted through the ZDI program. 12 of these vulnerabilities were submitted through the ZDI program. ” reads the advisory published by the IT giant. ” reads the advisory.

Security 110

Security IT Information Security 110

Security Affairs

NOVEMBER 29, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm. The CVE-2023-5217 is a high-severity integer overflow in Skia.

Libraries 120

Libraries Security Access IT 120

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. ” Google TAG researcher Maddie Stone highlighted that the issue was addressed in only two days after the initial discovery, she also confirmed the exploitation by a commercial spyware vendor.

Libraries 118

Libraries Passwords Security IT 118

Security Affairs

JUNE 6, 2023

Google released security updates to address a high-severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser. The vulnerability is a type confusion issue that resides in the V8 JavaScript engine. The IT giant is aware that the vulnerability is being actively exploited in the wild.

Libraries 97

Libraries Security IT Information Security 97

Security Affairs

DECEMBER 8, 2020

The Apache Software Foundation addressed a possible remote code execution vulnerability in Struts 2 related to the OGNL technology. . The remote code execution flaw, tracked as CVE-2020-17530, resides in forced OGNL evaluation when evaluated on raw user input in tag attributes. to 2.5.25. ” states the CISA’s advisory.

Cybersecurity 110

Cybersecurity Security IT Information Security 110

Security Affairs

APRIL 8, 2023

US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report.

IT 94

IT Ransomware Education Cybersecurity 94

Security Affairs

JUNE 5, 2023

. “Attackers employ a number of evasion techniques during the campaign, including obfuscating Base64 and masking the attack to resemble popular third-party services, such as Google Analytics or Google Tag Manager.” or in vulnerable third-party services and components used by the website. ” continues the analysis.

CMS 86

CMS Retail Analytics IT 86

Security Affairs

JANUARY 26, 2021

Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media. ” reads the TAG’s report. ” reads the TAG’s report.

Security 91

Security Communications Cybersecurity Government 91