WEB WatchGuard Firebox Authentication Vulnerability (CVE-2022-23176) CVE-2022-23176 is a privilege escalation vulnerability in WatchGuard Firebox and XTM appliances. The vulnerability could allow a remote, unprivileged threat actor to access the system with a privileged management session via an exposed management…
Five security vulnerabilities, called JekyllBot:5 (CVE-2022-1066, CVE-2022-26423, CVE-2022-1070, CVE-2022-27494, and CVE-2022-1059) were fixed in Aethon TUG smart autonomous mobile robots. Fortunately, the vulnerabilities haven’t been exploited in the wild. JekyllBot:5 Vulnerabilities in Aethon TUG Mobile Robots The mobile robots are…
Cybersecurity researchers detected a new TDS (Traffic Direction System), called Parrot, that uses tens of thousands of compromised websites. Parrot TDS Uses a Large Network of Infected Sites Parrot TDS has infected multiple web servers that host more than 16,500…
There’s a new information stealer on the rise, and security researchers say that it is currently being distributed in malspam campaigns. In other words, the so-called META infostealer is delivered via malicious spam in email messages (attachments). Since the infamous…
Google has developed a new Privacy Guide for its Chrome browser. Privacy Guide for Google Chrome The feature has been created by the Google Safety Engineering Center (GSEC), and has been described as “a step-by-step guided tour of some existing…
Security researchers detected a new phishing scam targeting various organizations across healthcare, education, and healthcare sectors. Approximately 27,660 mailboxes have been reached by the suspicious email messages. ArmorBlox researchers provided more details about the phishing attack. New Phishing Campaign Uses…
Apple recently released two emergency patches to fix two actively exploited zero-days in Apple’s macOS and iOS (reported anonymously). The company said the flaws have been exploited in the wild. The vulnerabilities have been fixed in iOS and iPadOS 15.4.1,…
VMware has fixed a total of eight security vulnerabilities in several of its products, including VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. It is noteworthy that some of the…
Several gigabytes of information stolen from US industrial giant Parker Hannifin have been leaked by the Conti ransomware group. Parker Hannifin is an American corporation (and a Fortune 250 company) specializing in motion and control technologies, with corporate headquarters in…
CVE-2021-45382 is a Remote Code Execution (RCE) vulnerability in D-Link routers. More specifically, all series of H/W revisions D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file, are affected, according to the official…
Security researchers reported a new malware strain, capable of distributing ransomware and performing DDoS attacks. Called Borat after the infamous mockumentary movie, the malware is a RAT, or a Remote Access Trojan, and it provides the two activities alongside the…
Hydra, the world’s largest dark web marketplace, has been taken down by the German authorities. As a result, 543 Bitcoins, or approximately €23 million, were seized, according to Bundeskriminalamt’s press release (originally in German). The take-down operation was possible thanks…
CVE-2022-22639 is a recently discovered, already patched macOS vulnerability in suhelperd, a helper daemon process for Software Update in Apple’s operating system. The vulnerability was discovered by Trend Micro researchers who also provided a detailed analysis of the issue. More…
Security researchers recently identified two critical code vulnerabilities in a central component of the PHP supply chain. Called PEAR, or PHP Extension and Application Repository, the component is both a framework and a distribution system for reusable PHP components. The…
Another variant of the infamous Mirai botnet is circling the web, exploiting a list of specific vulnerabilities in TOTOLINK routers. The critical vulnerabilities are relatively new, disclosed in the period between February and March 2022. Affected is the Linux platform.…
One of the latest major cyberattacks that disabled tens of thousands Viasat satellites broadband models a few weeks ago is most likely associated with the VPNFilter malware, attributed to Russia. The conclusion comes from SentinelOne. SentinelOne’s Take on the Attack…
Emergency patches that fix two zero-days in Apple’s macOS and iOS (reported anonymously) have been released. The company said the flaws have been exploited in the wild. The vulnerabilities have been fixed in iOS and iPadOS 15.4.1, macOS Monterey 12.3.1,…
Another day, another zero-day. This time, security researchers discovered a bypass for an older zero-day, remote code execution flaw in the Spring Core framework, shortly after a proof-of-concept exploit was leaked to GitHub. Spring Core is a widely known Java…
A new proof-of-concept (PoC) code shows that attackers can remotely lock, unlock, and start Honda and Acura vehicles. This is possible due to a vulnerability in the remote keyless system, CVE-2022-27254, that impacts Honda Civic LX, EX, EX-L, Touring, Si,…
There’s a new SonicWall vulnerability, identified as CVE-2022-22274. The vulnerability is critical, and resides in multiple firewall appliances. If weaponized, remote threat actors could perform arbitrary code execution and cause a denial-of-service (DoS) condition. CVE-2022-22274 SonicWall Vulnerability: Technical Description According…
