The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities."CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available … [Read more...] about Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies
Unpatched
New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices
Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide.Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) … [Read more...] about New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices
Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier
A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older.To successfully exploit the zoom vulnerability, all an attacker needs to do is tricking a Zoom user into performing some typical action like opening a received document … [Read more...] about Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier
Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig
If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you.A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could … [Read more...] about Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig
[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned.One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also … [Read more...] about [Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows
Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft … [Read more...] about Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows
Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)
Are you using LibreOffice?You should be extra careful about what document files you open using the LibreOffice software over the next few days.That's because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a maliciously-crafted document file.LibreOffice is one of the most popular and open source … [Read more...] about Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)
New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched
Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month.Intego team last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to execute … [Read more...] about New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched
Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions
A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP).Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions.Discovered by Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), the … [Read more...] about Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions
Hacker Disclosed 3 Unpatched Microsoft Zero-Day Exploits In Less Than 24 Hours
Less than 24 hours after publicly disclosing an unpatched zero-day vulnerability in Windows 10, the anonymous hacker going by online alias "SandboxEscaper" has now dropped new exploits for two more unpatched Microsoft zero-day vulnerabilities.The two new zero-day vulnerabilities affect Microsoft's Windows Error Reporting service and Internet Explorer 11.Just yesterday, while … [Read more...] about Hacker Disclosed 3 Unpatched Microsoft Zero-Day Exploits In Less Than 24 Hours