Nov 26, 2024Ravie LakshmananVulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, … [Read more...] about Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
remote
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. "The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim's intervention to … [Read more...] about Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
Sep 16, 2024Ravie LakshmananCloud Security / Vulnerability A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion. The vulnerability has been codenamed CloudImposer by Tenable Research. "The … [Read more...] about Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Jun 08, 2024NewsroomVulnerability / Programming Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating … [Read more...] about New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution
May 06, 2024NewsroomVulnerability / Server Security More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free … [Read more...] about Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Apr 02, 2024NewsroomFirmware Security / Vulnerability The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when … [Read more...] about Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
New Juniper Junos OS Flaws Expose Devices to Remote Attacks
Aug 19, 2023THNNetwork Security / Vulnerability Networking hardware company Juniper Networks has released an "out-of-cycle" security update to address multiple flaws in the J-Web component of Junos OS that could be combined to achieve remote code execution on susceptible installations. The four vulnerabilities have a cumulative CVSS rating of 9.8, making them Critical in … [Read more...] about New Juniper Junos OS Flaws Expose Devices to Remote Attacks
Identifying malicious Remote Desktop Protocol (RDP) connections with Elastic Security
Lateral movement is a dangerous threat in the landscape of highly integrated technologies. If attackers gain access to an endpoint, it’s critical for security teams to identify any and all movements they make. To combat this threat, Elastic Security is excited to announce a new lateral movement detection package that makes use of advanced analytics.In the past, we explored how … [Read more...] about Identifying malicious Remote Desktop Protocol (RDP) connections with Elastic Security
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
Jul 24, 2023THNLinux / Network Security Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of … [Read more...] about New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks
Jul 13, 2023THNOT/ICS, SCADA Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models that could be exploited to achieve remote code execution and denial-of-service (DoS). "The results and impact of exploiting these vulnerabilities … [Read more...] about Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks