#zero_day

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Keysight  Equipment: N8844A Data Analytics Web Service  Vulnerability: Deserialization of Untrusted Data  2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Keysight reports this vulnerability affects the following data analytics web service software:   N8844A Data Analytics Web Service: Version 2.1.7351 and prior  3.2 VULNERABILITY OVERVIEW 3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502  Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid.  CVE-2023-1967 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).  3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Communications, Government  COUNTRIES/AREAS DEPLOYED: Worldwi...

Researchers are unraveling the threads connecting two separate, but in some ways overlapping, Russian-language APTs.

A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system.

With 60% of organizations taking more than four days to resolve cybersecurity issues, Unit 42’s Global Incident Response Service dramatically reduces time to remediate threats.

Categories: News Tags: fake Chrome update Tags: AirBnb scam Tags: fake IRS tax email Tags: Ransomware in Germany report Tags: Living Off The Land Tags: LOTL attack Tags: ALPHV ransomware Tags: ransomware Tags: spring cleaning your browser Tags: lost injured dog Facebook hoax Tags: Facebook hoax Tags: swatting-as-aservice Tags: LockBit ransomware Tags: Instagram scam Tags: Domino Backdoor Tags: Malwarebytes Admin Tags: Fancy Bear Tags: tech support scam Tags: QBot Tags: Chrome zero-day Tags: Facebook Tags: Cambridge Analytica settlement claim The most interesting security related news from the week of April 17 - 23. (Read more...) The post A week in security (April 17 - 23) appeared first on Malwarebytes Labs.

Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come courtesy of Symantec's Threat Hunter Team, confirm earlier suspicions that the

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows - CVE-2023-28432 (CVSS score - 7.5) - MinIO Information Disclosure Vulnerability  CVE-2023-27350 (CVSS score - 9.8) - PaperCut MF/NG Improper Access Control

The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.

The SolarWinds Platform was susceptible to the Command Injection Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform admin account to execute arbitrary commands.

Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim's Google account. Israeli cybersecurity startup Astrix Security, which discovered and reported the issue to Google on June 19, 2022, dubbed the shortcoming GhostToken. The issue