Critical Vulnerability in Ping Utility Allows Hackers to Take Over FreeBSD Systems

5 minutes ago · 0 comments
post-image

A new way to attack Linux allows you to upload a ready-made repository to the system

7 minutes ago · 0 comments
post-image

Cybercriminals forced the Vatican to shut down its website

19 hours ago · 0 comments
post-image
article-image5 minutes ago

Critical Vulnerability in Ping Utility Allows Hackers to Take Over FreeBSD Systems

article-image7 minutes ago

A new way to attack Linux allows you to upload a ready-made repository to the system

article-image19 hours ago

Cybercriminals forced the Vatican to shut down its website

Blog Feed

Popular

Latest

Recent

    • 2 dangerous vulnerabilities in NVIDIA GPUs can cause great damage to vulnerable networks

      NVIDIA has fixed 25 vulnerabilities in GPU drivers, some of them potentially harmful to systems.NVIDIA has released a security update for the Windows GPU driver that contains a fix for a dangerous vulnerability that attackers can use to execute code and privilege escalation.The latest update fixes 25 vulnerabilities in GPU drivers for Windows and Linux, and 7 vulnerabilities have a high severity level.2 most dangerous vulnerabilities:CVE-2022-34669 (CVSS v3.1:8.8) is a locally exploited user-mode vulnerability in the Windows GPU driver that could allow an unprivileged user to access or modify files critical to the application, which...

      post-image
    • Hackers "jump" on WhatsApp and LinkedIn accounts to take over Facebook profiles

      WithSecure said Vietnam-based Ducktail is running WhatsApp and LinkedIn phishing campaigns to hijack the Facebook Business accounts of users of the Facebook Ads & Business platform.According to a WithSecure report, Ducktail operators hide the infostealer in archive files along with images, documents, and video files. The file names are associated with popular brands and project management products.Experts have said that Ducktail now hides malware by displaying fake documents and video files on startup. In addition, the group constantly changes the file format and compiles and signs certificates to avoid detection.Ducktail malware works like this:Once in...

      post-image
    • The RansomExx grouping "rebuilt" the Rust programming language

      IBM Security X-Force Threat researchers have said that the RansomExx ransomware group has switched to the Rust programming language, which gives hackers the ability to be invisible.According to IBM Security X-Force reverse engineer Charlotte Hammond, Rust-based malware has lower antivirus detection rates, making it easier for attackers to bypass protection. The new sample used for the IBM report only shows up in 14 of over 60 antiviruses on VirusTotal.The experts said that RansomExx is not just updating the existing code base - they are recreating the code from scratch in a completely new language with...

      post-image
    • DraftKings to refund all funds to customers affected by credential spoofing attack

      Sports betting company DraftKings said it would pay out all funds to customers affected by a credential spoofing attack that resulted in losses of up to $300,000. The announcement follows a Monday tweet that DraftKings was investigating reports [1, 2, 3, 4] from customers having account issues.All the hacked accounts had one thing in common - an initial deposit of $5, after which the attackers change the password, link two-factor authentication to a different phone number, and then withdraw as much funds as possible from the linked bank accounts of the victims. Some victims were...

      post-image
    • Critical Vulnerability in Ping Utility Allows Hackers to Take Over FreeBSD Systems

      The vulnerability could have been exploited to crash the utility or run arbitrary code.The FreeBSD developers have released updates to fix a critical vulnerability in the ping utility, which is being tracked as CVE-2022-23093 and could be used for remote code execution. The security flaw is caused by a buffer overflow while processing incoming ICMP messages. As the FreeBSD developers found out, the pr_pack() function, which copies the extracted IP and ICMP headers into stack buffers for further processing. At the same time, it does not take into account that additional extended headers may be...

      post-image
    • A new way to attack Linux allows you to upload a ready-made repository to the system

      Written once - works everywhere.Sysdig researchers have discovered that hackers are using the open-source Linux PRoot utility in Bring Your Own Filesystem (BYOF) attacks to provide a consistent repository of malicious tools that run on many Linux distributions.PRoot is an open source utility that allows the user to set up an isolated root file system on Linux. In the discovered attacks, the hacker uses PRoot to deploy a malicious file system on already compromised systems, which include network scanning tools - "masscan" and "nmap", the XMRig cryptominer and their configuration files.The filesystem contains everything needed...

      post-image
    • Cybercriminals forced the Vatican to shut down its website

      Experts suggest that Russian hackers are behind a series of cyberattacks on the website of the Holy See.According to a statement by Vatican spokesman Matteo Bruni, due to continuous cyber attacks, IT specialists had to temporarily disable the site and launch an investigation. The site was down on Wednesday and Thursday, but by Friday morning it was back up and running.It is not yet clear who is behind the cyberattack. However, experts recall incidents when cybercriminals attacked the Vatican because of the statements of Pope Francis. For example, earlier a Turkish hacker hacked into the...

      post-image
    • CISA Warns of Multiple Critical Vulnerabilities in Mitsubishi Electric GX Works3 Engineering Software

      Exploitation of these vulnerabilities could disrupt industrial processes.The US Cybersecurity and Infrastructure Protection Agency (CISA) this week issued an advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software."The successful exploitation of these vulnerabilities allows unauthorized attackers to view and execute programs, gain access to the MELSEC iQ-R/F/L series processor modules and the MELSEC iQ-R OPC UA series server module," the agency said.GX Works3 is Mitsubishi Electric's latest generation of programming and maintenance software specifically designed for MELSEC iQ-R series control systems. It includes many new features such as graphical system configuration, built-in...

      post-image
    • Critical Vulnerability in Ping Utility Allows Hackers to Take Over FreeBSD Systems

      The vulnerability could have been exploited to crash the utility or run arbitrary code.The FreeBSD developers have released updates to fix a critical vulnerability in the ping utility, which is being tracked as CVE-2022-23093 and could be used for remote code execution. The security flaw is caused by a buffer overflow while processing incoming ICMP messages. As the FreeBSD developers found out, the pr_pack() function, which copies the extracted IP and ICMP headers into stack buffers for further processing. At the same time, it does not take into account that additional extended headers may be...

      post-image
    • A new way to attack Linux allows you to upload a ready-made repository to the system

      Written once - works everywhere.Sysdig researchers have discovered that hackers are using the open-source Linux PRoot utility in Bring Your Own Filesystem (BYOF) attacks to provide a consistent repository of malicious tools that run on many Linux distributions.PRoot is an open source utility that allows the user to set up an isolated root file system on Linux. In the discovered attacks, the hacker uses PRoot to deploy a malicious file system on already compromised systems, which include network scanning tools - "masscan" and "nmap", the XMRig cryptominer and their configuration files.The filesystem contains everything needed...

      post-image
    • Cybercriminals forced the Vatican to shut down its website

      Experts suggest that Russian hackers are behind a series of cyberattacks on the website of the Holy See.According to a statement by Vatican spokesman Matteo Bruni, due to continuous cyber attacks, IT specialists had to temporarily disable the site and launch an investigation. The site was down on Wednesday and Thursday, but by Friday morning it was back up and running.It is not yet clear who is behind the cyberattack. However, experts recall incidents when cybercriminals attacked the Vatican because of the statements of Pope Francis. For example, earlier a Turkish hacker hacked into the...

      post-image
    • CISA Warns of Multiple Critical Vulnerabilities in Mitsubishi Electric GX Works3 Engineering Software

      Exploitation of these vulnerabilities could disrupt industrial processes.The US Cybersecurity and Infrastructure Protection Agency (CISA) this week issued an advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software."The successful exploitation of these vulnerabilities allows unauthorized attackers to view and execute programs, gain access to the MELSEC iQ-R/F/L series processor modules and the MELSEC iQ-R OPC UA series server module," the agency said.GX Works3 is Mitsubishi Electric's latest generation of programming and maintenance software specifically designed for MELSEC iQ-R series control systems. It includes many new features such as graphical system configuration, built-in...

      post-image
Read all posts

Tuesday, 06 December

Comments Feed