Aggregator

AG Says HealthAlliance Tried But Failed to Fix Zero-Day Flaw That Led to Exploit
New York State has levied a $550,000 fine against a healthcare group that tried - but failed - to patch a critical zero-day vulnerability in a Citrix NetScaler appliance used for telemedicine. Hackers exploited the flaw, stealing 196 gigabytes of data in an incident affecting 242,000 people.

Cybersecurity Experts Push for Clearer Mission, Expanded Authority, More Resources
Cybersecurity experts are urging a revamp of the Office of the National Cyber Director. The Center for Cybersecurity Policy and Law says the office needs a clearer mission, more resources and the authority to lead cybersecurity policy for other government agencies to bolster U.S. cyber defenses.

Possible Long-Term Attack by Unknown Hackers Thwarted
Hackers exploiting flaws in Cleo Communications software instances had intimate knowledge of their internals and deployed a previously unknown family of malware, security researchers from Huntress said Thursday. Cleo published a patch Wednesday evening.

The state of AppSec tooling: 4 ways to step up to modern software security

Exploiting Device Authentication Vulns in Cloud-Managed IoT Devices

Researchers at Black Hat Europe demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.

Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]

亚马逊称程序员每天只花一小时时间写代码

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

A vulnerability classified as critical was found in opensearch-project data-prepper 2.10.0/2.10.1. This vulnerability affects the function getHttpAuthenticationService. The manipulation leads to improper authentication. This vulnerability was named CVE-2024-55886. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in http4k up to 5.40.x. This affects an unknown part. The manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2024-55875. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in rizin up to 0.6.2. It has been rated as critical. Affected by this issue is the function create_cache_bins/read_cache_accel/rz_dyldcache_new_buf of the file librz/bin/format/mach0/dyldcache.c. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2024-31670. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Dell Client Platform BIOS 1.18.x/1.24.x/1.28.x. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper input validation. This vulnerability is known as CVE-2024-47238. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in scidsg hushline up to 0.3.4. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2024-55888. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in shuchkin simplexlsx up to 1.1.11 and classified as problematic. This issue affects the function toHTMLEx. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-55878. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in xwiki-platform up to 13.10.4/14.2 and classified as problematic. This vulnerability affects the function request.sort. The manipulation of the argument request leads to escaping of output. This vulnerability was named CVE-2024-55663. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in beego up to 2.3.3. This affects an unknown part. The manipulation leads to use of weak hash. This vulnerability is uniquely identified as CVE-2024-55885. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Over the past several years, US Federal Agencies and private sector companies have observed China-based threat actors targeting network and telecommunication critical infrastructure. A wave of recent reports have disclosed that these attacks have succeeded in compromising government and industry targets to a far greater extent than previously thought. As a result, CISA has issued […]

The post Holding Back Salt Typhoon + Other Chinese APT CVEs appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.

The post Holding Back Salt Typhoon + Other Chinese APT CVEs appeared first on Security Boulevard.

A vulnerability, which was classified as critical, has been found in xwiki-platform up to 15.10.8/16.2.x. Affected by this issue is some unknown functionality. The manipulation leads to improper neutralization of directives in statically saved code ('static code injection'). This vulnerability is handled as CVE-2024-55662. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in xwiki-platform up to 15.10.8/16.2.x. Affected by this vulnerability is the function XWiki.ConfigurableClass. The manipulation leads to missing authorization. This vulnerability is known as CVE-2024-55879. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.