French Bug Bounty Platform YesWeHack Raises $28 Million

June 14, 2024 at 03:00AM YesWeHack, a French bug bounty and vulnerability disclosure policy company, has raised €26 million in a Series C funding round, bringing its total raised to over $52 million. The investment was led by Wendel, with additional capital from other partners. YesWeHack plans to use the funds to invest in AI, … Read more

Vulnerabilities Patched in Kiuwan Code Security Products After Long Disclosure Process

June 6, 2024 at 08:18AM Kiuwan, a code security firm owned by US-based Idera, took almost two years to patch critical vulnerabilities in its SAST and Local Analyzer products. Discovered by SEC Consult, the flaws included XSS, XXE injection, privilege escalation, and IDOR issues, posing significant security risks to users. Despite extensive coordination, Kiuwan’s response … Read more

Exploit for critical Progress Telerik auth bypass released, patch now

June 3, 2024 at 02:01PM Researchers have demonstrated a chained remote code execution vulnerability on Progress Telerik Report Servers. The exploit, developed by Sina Kheirkha with assistance from Soroush Dalili, involves an authentication bypass and deserialization issue. Urgent updates (Telerik Report Server 2024 Q2 10.1.24.514 or later) are recommended. Progress Software’s history warrants prompt action … Read more

An Argument for Coordinated Disclosure of New Exploits

May 30, 2024 at 10:06AM In 2023, over 23,000 vulnerabilities were disclosed, leading to a race to release exploits. Coordinated disclosure involves alerting vendors and waiting to publicly release findings. Full disclosure argues for immediate transparency to prompt patches. Responsible disclosure is crucial due to the potential exploitation of vulnerabilities. Publicly releasing exploit research can … Read more

TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks

May 28, 2024 at 02:45AM A critical security flaw, CVE-2024-5035, with a 10.0 CVSS score, was discovered in TP-Link Archer C5400X router, allowing remote code execution. The flaw, patched in version 1_1.1.7, arises from a binary related to radio frequency testing, exposing a network listener. TP-Link’s fix blocks commands with special characters. Other undisclosed vulnerabilities … Read more

QNAP Rushes Patch for Code Execution Flaw in NAS Devices

May 21, 2024 at 12:45PM QNAP Systems issued patches for multiple vulnerabilities, including CVE-2024-27130, described as an unsafe use of the ‘strcpy’ function in the No_Support_ACL function, leading to a stack buffer overflow and potential remote code execution. QNAP advised users to update to QTS 5.1.7 to mitigate the risk and address multiple other vulnerabilities. … Read more

VMware Patches Severe Security Flaws in Workstation and Fusion Products

May 14, 2024 at 12:18PM Multiple security flaws have been disclosed in VMware Workstation and Fusion products, impacting versions 17.x and 13.x. Exploitable by threat actors, these flaws allow access to sensitive information, DoS conditions, and code execution. Temporary workarounds are suggested until patches can be deployed, including turning off Bluetooth support and disabling 3D … Read more

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

May 13, 2024 at 06:22AM Cybersecurity researchers disclosed critical security flaws in Cinterion cellular modems, potential targets for threat actors, risking access to sensitive information and code execution. The flaws, including heap overflow, privilege escalation, and exposure of sensitive information, were presented at OffensiveCon. Recommendations to mitigate threats include disabling non-essential SMS messaging and conducting … Read more

Tech Companies Promise Secure by Design Products

May 9, 2024 at 10:37AM Over 60 vendors have pledged to develop secure products as part of the “Secure by Design” initiative led by CISA. The focus is on addressing security as a core business requirement, with the onus on manufacturers rather than individual users. Signatories are asked to consider and demonstrate progress towards seven … Read more

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion

May 7, 2024 at 09:57AM The recent cyber attack on MITRE Corporation, disclosed last month, exploited two zero-day vulnerabilities to target its NERVE research network. The attackers utilized various web shells and backdoors to gain access and maintain control, including deploying a Golang backdoor and conducting data exfiltration. The attack, attributed to a China-nexus cyber … Read more