Security

Vulnerability in Microsoft Authorization System Allows Hacking Accounts

Microsoft Authorization System Vulnerability

Security researchers from the Israeli company CyberArk discovered a vulnerability in the Microsoft authorization system, which allows hacking accounts. This vulnerability is located in the Microsoft Azure cloud service. The problem affects certain applications that use the Microsoft OAuth 2.0 authorization protocol, and its exploitation allows creating tokens for entering the system. In this way, attackers can take control of …

Read More »

Experts doubt the effectiveness of the CVE database

Experts doubt the effectiveness of CVE

Experts doubt the effectiveness of the CVE database and advise researchers not to rely solely on this threat database when scanning for vulnerabilities in the system. As stated in the report of the company Risk Based Security, such a solution will make IT professionals miss almost a third of all vulnerabilities. “If your organization is currently relying on …

Read More »

Information security specialists published an exploit for the RCE problem in Apache Solr

Exploit for RCE in Apache Solr

In the summer of this year, an information security researcher known as jnyryan discovered a problem in Apache Solr. Now, security professionals have published an exploit for the RCE problem in Apache Solr. The vulnerability was hidden in the solr.in.sh configuration file, which by default is included in all versions of Solr. So, the default configuration implies the included option ENABLE_REMOTE_JMX_OPTS, …

Read More »

Qualcomm chip vulnerabilities endanger millions of Android devices

Vulnerabilities in Qualcomm endanger Android devices

Check Point experts found that vulnerabilities in the Qualcomm Secure Execution Environment endanger millions of Android devices. Vulnerabilities allow attackers to steal critical data stored in protected parts of the device. Qualcomm Secure Execution Environment (QSEE) is an implementation of the Trusted Execution Environment (TEE) based on ARM TrustZone technology. In fact, it is a hardware-isolated area of the processor …

Read More »

ZoneAlarm forums hacked due to vBulletin vulnerability

ZoneAlarm hacked with vBulletin vulnerability

The forums at ZoneAlarm, which is owned by Check Point and whose products are used by over 100 million people, have been hacked because of a vulnerability in vBulletin. As a result, users’ data fell into the hands of attackers. Fortunately, despite the considerable user base of ZoneAlarm, the leak affected the forum hosted on forums.zonealarm.com (currently unavailable because the …

Read More »

Vulnerability in Libarchive Threatens Many Linux Distributions

Vulnerability in Libarchive Threatens Linux

In the summer of this year, Google experts, using the ClusterFuzz and OSS-Fuzz tools, discovered a dangerous bug in the Libarchive library. This vulnerability in Libarchive threatens many Linux distributions. The vulnerability impacts Libarchive, a library for reading and creating compressed files. It is a powerful all-in-one toolkit for working with archive files that also bundles other Linux/BSD utilities like tar, …

Read More »

Previously unknown governmental group Avivore attacked Airbus

Avivore attacked Airbus

Researchers at Context Information Security have identified a new cybercriminal group Avivore, which has attacked Airbus several times over the past few months. Attackers carried out cyber attacks on Airbus through the networks of French consulting company Expleo, British engine manufacturer Rolls Royce, and two unnamed Airbus suppliers. Cybercriminals target large multinational and small engineering and consulting firms in supply …

Read More »

Exim developers fixed a new critical vulnerability

New Exim Critical Vulnerability

The developers updated Exim to version 4.92.3, fixing a new critical DoS vulnerability, which theoretically allowed an attacker to execute malicious code on the target server. The problem affected all versions of the mail server, starting from 4.92 to the latest version 4.92.2. The vulnerability was assigned the identifier CVE-2019-16928 and was discovered by QAX-A-TEAM. The problem is with the heap …

Read More »

GitHub can now assign CVE identifiers to vulnerabilities

GitHub can assign CVE

This week, representatives of GitHub announced a number of innovations at once, including the fact that GitHub has completed certification as a CVE Numbering Authority, so the company can now independently assign CVE identifiers to vulnerabilities. First, Dependency Graph will add support for PHP projects on Composer. This means that users will be able to receive automatic security warnings for any vulnerabilities …

Read More »

Vulnerabilities in some D-Link and Comba routers reveal credentials in plain text

Vulnerabilities in D-Link and Comba Routers

Trustwave specialists discovered a number of vulnerabilities in D-Link and Comba Telecom routers. Bugs allow extracting data from Internet providers and access passwords from devices without authentication. After examining the D-Link DSL-2875AL router, the researchers found out that it is affected by the same problem that other devices of the manufacturer are vulnerable to: they give access to all router …

Read More »

Researchers discover second critical vulnerability in Exim servers in two months

Second Exim Critical Vulnerability

A second critical vulnerability has been discovered in the popular Exim mail server software that allows remote code execution and access to a system with superuser privileges. An open source contributor and security researcher with the online nickname Zerons discovered the vulnerability, which was later analyzed by cybersecurity experts at Qualys. A fix for the vulnerability, as well as a detailed …

Read More »

Another 0-day vulnerability discovered in Android

Android 0-day Vulnerability

Participants in the Google project Zero Day Initiative (ZDI) published details of a 0-day vulnerability that could allow local privilege escalation in Android. According to the description in the ZDI blog, a dangerous vulnerability is present in the v4l2 driver (Video4Linux 2), which provides audio and video capture for the Linux family of operating systems. As it turned …

Read More »

Zerodium rates exploits for Android as more expensive than for iOS for the first time

Android more expensive than iOS

The well-known vulnerability broker, Zerodium, has updated its price list, and now for the first time in history exploits for Android are more expensive than exploits for iOS. Information security researchers can earn up to $2,500,000 for 0-day bugs for Android whose exploitation does not require user interaction. Similar exploits for iOS cost $2,000,000. Thus, Zerodium …

Read More »

Vulnerability that led to escalation of privileges fixed in free Bitdefender antivirus

Vulnerability in Free Bitdefender Antivirus

SafeBreach specialists discovered a vulnerability in the free antivirus Bitdefender Antivirus Free 2020 (up to version 1.0.15.138, which fixes the problem). The bug received the identifier CVE-2019-15295 and scored 5.9 points on the CVSS vulnerability rating scale. The vulnerability could be used by attackers to elevate privileges to the SYSTEM level. The problem is related to the lack of proper …

Read More »

Vulnerability in Trend Micro Password Manager endangers Windows users

Vulnerability in Trend Micro

SafeBreach researchers found a vulnerability in the Trend Micro Password Manager. Using this security issue, an attacker can strengthen his presence in an attacked Windows system. The attack vector exists due to the fact that the Trend Micro Password Manager Central Control Service (PwmSvc.exe file) is launched with the rights of the most privileged Windows account – NT Authority\System. “This …

Read More »

Researchers introduced a system for assessing the probability of exploiting vulnerabilities in real attacks

Exploit Prediction Scoring System

As you probably know, all systems are vulnerable. Annually, CVE identifiers are assigned to thousands of discovered vulnerabilities, and it’s almost impossible to monitor every new one. The Exploit Prediction Scoring System may solve these problems. How to understand which ones companies should correct immediately, and which ones can be put on hold, is what specialists tried to figure out at the Black Hat USA …

Read More »

Researchers estimate that 1.2 billion Apple devices are not protected from MitM attacks

AWDL vulnerability in Apple devices

Researchers at Darmstadt Technical University claim that the Apple Wireless Direct Link Protocol (AWDL) contains vulnerabilities that endanger more than 1.2 billion devices. Using these gaps, an attacker can track users, disable devices, or intercept files transferred between devices (man-in-the-middle, MitM). Experts from Darmstadt Technical University began analyzing the Apple Wireless Direct Link protocol last year. Though Apple launched AWDL …

Read More »

Vulnerability in ProFTPD allows copying files without permission and executing arbitrary code

ProFTPD servers are vulnerable

German researcher Tobias Mädel discovered that, under certain conditions, ProFTPD servers are vulnerable to remote code execution and information disclosure attacks. The root of the problem lies in a bug in the mod_copy module, which allows arbitrary file copying. Most often, this module is enabled by default. “All versions of ProFTPd up to and including 1.3.6 (the problem extends to 1.3.6 only …

Read More »

A detailed analysis of the BlueKeep vulnerability that simplifies creation of exploits was published on GitHub

As part of the May “Tuesday updates”, Microsoft fixed the critical vulnerability CVE-2019-0708 (also known as BlueKeep) related to the operation of Remote Desktop Services (RDS) and RDP. Although the technical details of the problem were not disclosed due to its high level of threat, it is known that with the help of this bug attackers can execute arbitrary code …

Read More »

What to do if your Facebook account got hacked?

Millions of computer users in various countries today use Facebook, a truly innovative communication tool and a real masterpiece of Mark Zuckerberg. Sadly, cyber hackers these days invent various methods of hacking Facebook accounts. In many cases a Facebook account can be hacked when users click a link that leads to a fake Facebook signup page, or login page. It outwardly …

Read More »

Google redirect virus removal tool

Right now many users worldwide are experiencing a major and quite serious problem. This is the issue of their search engine requests being redirected to other annoying and unwanted sites, and it is surely a challenge for many security sites to assist users in eliminating the causes of such undesirable behavior of their PCs. It is worth mentioning that …

Read More »

Beware of viruses spread via Facebook and other social networks

As you may know, the Internet is not so safe at the present time. A lot of hackers can figure out numerous ways of spreading different malicious programs if they want. And that is exactly what they do nowadays. We can catch viruses in different ways, such as by uploading some program. And it can be not suspicious at all, but our …

Read More »