Critical Code Execution Vulnerabilities Patched in VMware vCenter Server

June 18, 2024 at 12:36PM VMware, owned by Broadcom, has released patches for severe vCenter Server vulnerabilities, including heap-overflow flaws and local privilege escalation issues. These could lead to remote code execution or elevate privileges to root. Chinese cybersecurity company Qi An Xin and Matei Badanoiu of Deloitte Romania were credited for reporting the vulnerabilities. … Read more

CISA warns of actively exploited Linux privilege elevation flaw

May 31, 2024 at 03:35PM CISA added two vulnerabilities to its KEV catalog, including a Linux kernel privilege escalation flaw (CVE-2024-1086) and an info disclosure flaw on VPN devices (CVE-2024-24919). The former allows local attackers to gain root-level access, with a public exploit available. CISA has set a patching deadline for federal agencies and suggested … Read more

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

May 30, 2024 at 02:09PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted a high-severity security flaw in the Linux kernel (CVE-2024-1086) enabling local privilege escalation. Additionally, a security flaw in Check Point network gateway products (CVE-2024-24919) was added to the Known Exploited Vulnerabilities catalog. Federal agencies are urged to apply the latest fixes … Read more

Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days

May 17, 2024 at 08:09AM Seven Windows privilege escalation vulnerabilities discovered at Pwn2Own 2024 remain unpatched by Microsoft, with only one fix issued so far. Trend Micro’s Zero Day Initiative, which oversees Pwn2Own, notes the potential threat these bugs pose. Microsoft’s lag in resolving these issues contrasts with prompt actions by other tech companies, prompting … Read more

Intel Publishes 41 Security Advisories for Over 90 Vulnerabilities 

May 15, 2024 at 11:21AM Intel released 41 security advisories addressing over 90 vulnerabilities in its products. Critical vulnerability CVE-2024-22476 was found in Neural Compressor, allowing unauthenticated remote attackers to escalate privileges. High-severity flaws were also found in UEFI firmware, graphics, and network products. Additionally, there were medium-severity vulnerabilities in various hardware and software products. … Read more

Microsoft fixes Windows zero-day exploited in QakBot malware attacks

May 14, 2024 at 02:23PM Microsoft has addressed a zero-day vulnerability, CVE-2024-30051, which allowed for privilege escalation through a heap-based buffer overflow in the Desktop Window Manager (DWM) core library on vulnerable Windows systems, facilitating delivery of QakBot and other malware. Kaspersky and other security researchers confirmed the exploitation and reported it to Microsoft. QakBot … Read more

Cisco discloses root escalation flaw with public exploit code

April 17, 2024 at 01:28PM Cisco has issued patches for a high-severity vulnerability in its Integrated Management Controller (IMC), allowing local attackers to escalate privileges to root using crafted CLI commands. The flaw, tracked as CVE-2024-20295, affects various Cisco devices and has a public exploit code available. Cisco has also observed recent zero-day attacks on … Read more

ICS Patch Tuesday: Siemens Addresses Palo Alto Networks Product Vulnerabilities

April 9, 2024 at 09:42AM Siemens and Schneider Electric have released April 2024 Patch Tuesday advisories. Siemens published eight advisories, including 80 vulnerabilities in ICS products. Notably, patches for three critical code execution flaws in Scalance W1750D access points were announced. Meanwhile, Schneider Electric disclosed a high-severity privilege escalation vulnerability in its Easergy Studio product. … Read more

Easy-to-use make-me-root exploit lands for recent Linux kernels. Get patching

March 29, 2024 at 05:50PM A Linux privilege-escalation exploit affecting kernel versions 5.14 to 6.6.14 has been detailed by bug hunter Notselwyn. Dubbed CVE-2024-1086, the flaw allows unauthorized root access, posing risks of damage and system control. Highly severe, it has been patched, prompting essential updates. Notselwyn’s PoC source code enables simple exploitation, underscoring the … Read more

Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account

March 25, 2024 at 08:51AM Microsoft discovered a data breach by Russian-state hackers accessing an old, inactive account using a password spray attack. This breach compromised sensitive email accounts and highlighted the vulnerability of all user accounts, not just privileged ones. Organizations are urged to prioritize robust password protection measures, including strong password policies, multi-factor … Read more