Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

CVE-2023-27971: Certain HP LaserJet Pro Print Products - Potential Buffer Overflow, Elevation of Privilege

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.

CVE
Open in Source
#vulnerability#php#buffer_overflow#zero_day
LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities

Categories: News Categories: Ransomware Tags: PaperCut Tags: Cl0p Tags: LockBit Vulnerabilities in PaperCut printing management are being used in ransomware attacks. (Read more...) The post LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities appeared first on Malwarebytes Labs.

Why Your Detection-First Security Approach Isn't Working

Stopping new and evasive threats is one of the greatest challenges in cybersecurity. This is among the biggest reasons why attacks increased dramatically in the past year yet again, despite the estimated $172 billion spent on global cybersecurity in 2022. Armed with cloud-based tools and backed by sophisticated affiliate networks, threat actors can develop new and evasive malware more quickly

Update now: Critical flaw in VMWare Fusion and VMWare Workstation

Categories: News Tags: VMware Tags: workstation Tags: fusion Tags: virtual machine Tags: SCSI Tags: DVD Tags: CD Tags: virtualisation Tags: exploit Tags: vulnerability Tags: flaw Tags: CVE VMWare has released fixes and mitigations for three Important and one Critical vulnerability in its Fusion and Workstation software. (Read more...) The post Update now: Critical flaw in VMWare Fusion and VMWare Workstation appeared first on Malwarebytes Labs.

CVE-2022-38730: Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 2

Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. This allows exploiting a symlink vulnerability in ..\dataRoot\network\files\local-kv.db because of a TOCTOU race condition.

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the name Lace Tempest (formerly DEV-0950), which overlaps with other hacking groups like FIN11, TA505, and Evil

CVE-2023-23839: SolarWinds Platform 2023.2 Release Notes

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information.

Attackers Abuse PaperCut RCE Flaws to Take Over Enterprise Print Servers

Customers should apply updates to the print management software used by more than 100 million organizations worldwide, with typical US customers found in the SLED sector.

Building a Better SBOM

Generating an SBOM is easy. It's generating one that's comprehensive and accurate that's hard.