Security Affairs

NOVEMBER 2, 2022

Dropbox disclosed a security breach, threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File hosting service Dropbox announced that threat actors gained unauthorized access to 130 of its source code repositories on GitHub. ” reads the advisory published by the company.

Access 124

Access Phishing Authentication Passwords 124

Security Affairs

JULY 8, 2019

The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits. The attacker created a new version of the library (version 0.0.7

Libraries 105

Libraries Passwords Security IT 105

Security Affairs

FEBRUARY 16, 2021

The “ rlottie ” folder caught their attention, it was the folder used for the Samsung native library for playing Lottie animations, originally created by Airbnb. ” The experts used a fuzzy approach to test the Samsung’s C++ library rlottie to parse Lottie animations and triaging the crashes. Pierluigi Paganini.

Access 117

Access Libraries Encryption Security 117

Security Affairs

SEPTEMBER 24, 2020

The vulnerability ties on how Instagram uses third-party libraries for image processing, in particular, the open-source JPEG decoder Mozjpeg. A malicious code could allow the hackers to access a device’s phone contacts, camera, GPS data, and files stored into the device. ” reads the analysis published by CheckPoint.

Access 123

Access Libraries Communications IT 123

Security Affairs

MARCH 30, 2024

Red Hat warns of a backdoor in XZ Utils data compression tools and libraries in Fedora development and experimental versions. Red Hat urges users to immediately stop using systems running Fedora development and experimental versions because of a backdoor in the latest versions of the “xz” tools and libraries. rpm and xz-libs-5.6.0-2.fc40.x86_64.rpm

Libraries 131

Libraries Authentication Access Risk 131

Security Affairs

OCTOBER 27, 2022

DEV-0206 is an access broker tracked by Microsoft, which uses malvertising campaigns to compromise networks worldwide. The discovery made by Microsoft is very interesting because it is the first time that researchers found evidence that worm operators leverage an access broker to compromise enterprise networks. Pierluigi Paganini.

Ransomware 104

Ransomware Access Encryption Manufacturing 104

Security Affairs

DECEMBER 27, 2023

. “In our ongoing investigation, Barracuda has determined that a threat actor has utilized an Arbitrary Code Execution (ACE) vulnerability within a third party library, Spreadsheet::ParseExcel, to deploy a specially crafted Excel email attachment to target a limited number of ESG devices.” ” reads the advisory.

Libraries 132

Libraries Access Cybersecurity Security 132

Security Affairs

DECEMBER 9, 2019

Google has released the source code of a tool, dubbed PathAuditor, designed to help developers identify vulnerabilities related to file access. Google decided to release the source code of a tool dubbed PathAuditor designed to help developers identify vulnerabilities related to file access. ” reads the post published by Google.

Access 98

Access Libraries Security IT 98

Security Affairs

MAY 14, 2024

“ Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed ” continues the advisory.

Libraries 123

Libraries Access Security IT 123

Security Affairs

APRIL 9, 2024

Researchers found multiple vulnerabilities in LG webOS running on smart TVs that could allow attackers to gain root access to the devices. Bitdefender researchers discovered multiple vulnerabilities in LG webOS running on smart TVs that could be exploited to bypass authorization and gain root access on the devices. Sweden, and Finland.

Authentication 131

Authentication Libraries Access Information Security 131

IT Governance

NOVEMBER 6, 2023

Library branches remain open, Wi-Fi is still available and materials can still be borrowed. According to the security company Resecurity , which discovered the listing, the data included victims’ name, age, gender, address, passport number and Aadhaar number (a 12-digit government identification number).

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Security Affairs

DECEMBER 20, 2023

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.” ” continues the advisory.

Libraries 130

Libraries Access IT Information Security 130

Security Affairs

SEPTEMBER 6, 2023

Storm-0558 threat actors focus on government agencies in Western Europe and were observed conducting cyberespionage, data theft, and credential access attacks. The attackers forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key.

Authentication 125

Authentication Libraries Access Government 125

Security Affairs

MAY 24, 2024

“ Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. March 2024) CVE-2024-3159 : an out-of-bounds memory access in V8 JavaScript engine.

Libraries 116

Libraries Access Security Risk 116

Security Affairs

MARCH 8, 2024

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two high-severity vulnerabilities in Secure Client respectively tracked as CVE-2024-20337 and CVE-2024-20338.

Security 124

Security IT Authentication Libraries 124

Security Affairs

DECEMBER 1, 2023

The two issues are: CVE-2023-6345 Google Skia Integer Overflow Vulnerability CVE-2023-49103 ownCloud graphapi Information Disclosure Vulnerability CVE-2023-6345 – The CVE-2023-5217 is a high-severity integer overflow in Skia. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).

IT 118

IT Libraries Cybersecurity Passwords 118

Security Affairs

MAY 2, 2024

Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords Cloud storage provider DropBox revealed that threat actors have breached the production infrastructure of the DropBox Sign eSignature service and gained access to customer information and authentication data.

Passwords 123

Passwords Authentication Access Phishing 123

Security Affairs

DECEMBER 17, 2023

Threat actors launched a phishing attack against a former employee obtaining his credentials and access to the Ledger’s NPMJS account. ledger library confirmed compromised and replaced with a drainer. The malicious npm module (2e6d5f64604be31) has been removed from the repository. that included a crypto drainer malware.

Phishing 131

Phishing Libraries Authentication Access 131

Security Affairs

JULY 7, 2022

OrBit allows operators to achieve remote access capabilities over SSH, harvests credentials, and logs TTY commands. “Unlike other threats that hijack shared libraries by modifying the environment variable LD_PRELOAD, this malware uses 2 different ways to load the malicious library. . ” continues the experts.

Libraries 127

Libraries Cybersecurity Authentication Access 127

Security Affairs

MAY 1, 2024

Since then, it has gained popularity among statisticians and data miners for its powerful features and extensive libraries for data manipulation, visualization, and statistical analysis. “Lazy evaluation is a strategy that allows for symbols to be evaluated only when needed, i.e., when they are accessed.”

Metadata 125

Metadata Libraries Access IT 125

Security Affairs

JUNE 26, 2023

China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon , using a novel tradecraft to gain initial access to target networks. ” concludes the report.

Cleanup 98

Cleanup Libraries Access Manufacturing 98

Security Affairs

DECEMBER 16, 2021

Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library.

Libraries 145

Libraries Ransomware Access Security 145

Security Affairs

MARCH 11, 2024

. “When the OpenEdge Authentication Gateway (OEAG) is configured with an OpenEdge Domain that uses the OS local authentication provider to grant user-id and password logins on operating platforms supported by active releases of OpenEdge, a vulnerability in the authentication routines may lead to unauthorized access on attempted logins.”

Authentication 127

Authentication Passwords Libraries Access 127

Security Affairs

MARCH 31, 2024

The Linux version of DinodasRAT uses Pidgin’s libqq qq_crypt library functions for encryption and decryption of data. The library uses the Tiny Encryption Algorithm ( TEA ) in CBC mode to cipher and decipher the data. “They do not collect user information to manage infections. . 0x28 DealLocalProxy Send “ok”.

Libraries 141

Libraries Encryption Communications Government 141

Security Affairs

AUGUST 30, 2020

The npm security team removed a malicious JavaScript library from the npm repository that was designed to steal sensitive files from the victims. The fallguys library claimed to provide an interface to the “ Fall Guys: Ultimate Knockout ” game API. ” reads the npm’s advisory. .”

Libraries 137

Libraries Access Security IT 137

Security Affairs

APRIL 21, 2024

The malware is developed in C/C++ without utilizing the Standard Template Library (STL), and certain segments are coded in pure Assembler.” Notably, the malware can create scheduled tasks using the Golang Go-ole library, which interfaces with the Windows Component Object Model (COM) for Task Scheduler service interaction.

Libraries 123

Libraries Communications IT Government 123

Security Affairs

NOVEMBER 28, 2023

It allows individuals and organizations to create their own private cloud storage services, giving them control over their data while facilitating collaboration and file access across multiple devices. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).

Cybersecurity 121

Cybersecurity Libraries Passwords Access 121

Security Affairs

APRIL 22, 2023

The issue resides in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability. CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability.

IT 98

IT Libraries Cybersecurity Education 98

Security Affairs

NOVEMBER 29, 2023

Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser. Skia is an open-source 2D graphics library that provides common APIs that work across a variety of hardware and software platforms. The CVE-2023-5217 is a high-severity integer overflow in Skia.

Libraries 124

Libraries Security Access IT 124

Security Affairs

JUNE 17, 2022

Below is the attack chain described by ProofPoint: Initial Access: Gain access to one or more users’ SharePoint Online or OneDrive accounts by compromising or hijacking users’ identities. The versioning settings are under list settings for each document library. . ” continues the report. ” . .

Libraries 107

Libraries Encryption Ransomware Cloud 107

IT Governance

FEBRUARY 14, 2023

These are the three components of the CIA triad, an information security model designed to protect sensitive information from data breaches. The CIA triad is a widely accepted principle within the industry, and is used in ISO 27001 , the international standard for information security management.

IT 105

IT Risk GDPR Information Security 105

Security Affairs

OCTOBER 28, 2022

“ Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

IT 131

IT Libraries Communications Access 131

Security Affairs

APRIL 18, 2024

The attackers employed the lure of a free IP scanning tool to infect the systems with the Anunak backdoor and gain an initial foothold using living-off-the-land binaries, scripts, and libraries (lolbas). OpenSSH is also used for external access.

Phishing 121

Phishing Manufacturing Libraries IT 121

Security Affairs

JANUARY 26, 2024

The maintainers of the open-source platform have addressed nine security vulnerabilities, including a critical flaw, tracked as CVE-2024-23897 , that could lead to remote code execution (RCE). Jenkins has a built-in command line interface (CLI) to access the platform from a script or shell environment.

Libraries 134

Libraries Access IT Security 134

Security Affairs

AUGUST 7, 2023

According to the report the ad fraud library used in this campaign implements specific tricks to avoid detection and inspection, such as delaying the initiation of its fraudulent activities. What’s more, all the intricate configurations of this library can be remotely modified and pushed using Firebase Storage or Messaging service.

Libraries 98

Libraries Risk IT Access 98

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Authentication 123

Authentication Libraries Access Security 123

Security Affairs

JANUARY 24, 2022

. “The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable a race condition enabling symlink following (CWE-363).” “Unfortunately that check was implemented incorrectly in the standard library, resulting in a TOCTOU (Time-of-check Time-of-use) race condition.

Libraries 98

Libraries Access Security IT 98