CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

November 14, 2023 at 02:27PM Researchers from the CISPA Helmholtz Center for Information Security have discovered a new software fault attack called CacheWarp that targets AMD’s Secure Encrypted Virtualization (SEV) technology. The attack exploits a vulnerability in SEV to infiltrate encrypted virtual machines and achieve privilege escalation. AMD has released a microcode update to address …

Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack

November 14, 2023 at 01:45PM Researchers have discovered a new attack method called CacheWarp that affects AMD processors. It poses a risk to protected virtual machines by allowing hackers to hijack control flow, break into encrypted VMs, and escalate privileges. CacheWarp is a software-based fault injection attack resulting from an architectural bug in AMD CPUs. …

Experts Expose Farnetwork’s Ransomware-as-a-Service Business Model

November 8, 2023 at 03:21AM Cybersecurity researchers have identified a threat actor known as farnetwork, who has been involved in multiple ransomware-as-a-service (RaaS) programs, including JSWORM, Nefilim, Karma, and Nemty. They have recently launched their own RaaS program using the Nokoyawa ransomware. The threat actor is adept at using stolen corporate account credentials to carry …

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 

November 6, 2023 at 09:00AM A serious privilege escalation vulnerability, known as CVE-2023-4911 or Looney Tunables, has been exploited by the Kinsing threat group. The group, known for its cryptojacking operations, has targeted major Linux distributions. They have also started collecting new types of information, indicating a potential shift in their activities. Security firm Aqua …

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges

November 1, 2023 at 11:46AM VMware Carbon Black’s Threat Analysis Unit (TAU) found numerous previously unknown vulnerable kernel drivers that could be used by attackers to modify firmware or escalate privileges. After analyzing 18,000 Windows driver samples, TAU identified 34 unique vulnerable drivers, including ones from major BIOS and chip makers. Exploiting these drivers can …

Apple Ships Major iOS, macOS Security Updates

October 25, 2023 at 03:57PM Apple released major security updates for macOS and iOS, addressing numerous vulnerabilities that could potentially lead to hacker attacks. The updates address a total of 21 iOS security vulnerabilities and 44 macOS flaws, including code execution and data exposure issues. Apple also patched an already-exploited vulnerability reported by Kaspersky. The …

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

October 21, 2023 at 12:33AM Cisco has alerted users to a zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor. The flaw, tracked as CVE-2023-20273, allows for privilege escalation and the deployment of a malicious implant. Cisco has identified a fix and recommends disabling the HTTP server feature until …

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

October 20, 2023 at 06:17PM Cisco has disclosed two high-severity zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, being actively exploited to compromise Cisco IOS XE devices. The company has found fixes for both vulnerabilities and plans to release them on October 22. Over 40,000 devices have already been compromised. System administrators are urged to disable the vulnerable …

Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover

October 20, 2023 at 04:34PM Eight critical vulnerabilities have been discovered in SolarWinds’ Access Rights Manager Tool, exposing unpatched systems to potential privilege escalation by attackers. The vulnerabilities range from allowing remote code execution to performing local privilege escalation. A new ARM version, 2023.2.1, has been released to fix the vulnerabilities, and SolarWinds clients are …

Critical RCE flaws found in SolarWinds access audit solution

October 20, 2023 at 11:06AM Researchers discovered three critical remote code execution vulnerabilities in SolarWinds Access Rights Manager (ARM), allowing attackers to run code with SYSTEM privileges. SolarWinds ARM helps organizations manage and audit user access rights. The vendor promptly released a patch in version 2023.2.1 of the system. The vulnerabilities’ severity ratings are all …