Security
Headlines
HeadlinesLatestCVEs

Source

TALOS

Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation

Uncovered issues fall into use-after-free, buffer-overflow, information leak and denial of service vulnerability classes. Some of these could be combined to achieve remote code execution or privilege escalation.

TALOS
Open in Source
#vulnerability#mac#windows#apple#microsoft#linux#cisco#dos#git#c++#rce#perl#samba#vmware#buffer_overflow#auth#docker
Malicious campaigns target government, military and civilian entities in Ukraine, Poland

Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations and civilian users in Ukraine and Poland. We judge that these operations are very likely aimed at stealing information and gaining persistent remote access.

Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild

Four of the disclosed vulnerabilities — albeit “important” ones — have been detected being exploited in the wild: CVE-2023-32046, CVE-2023-32049, CVE-2023-35311 and CVE-2023-36874.

Undocumented driver-based browser hijacker RedDriver targets Chinese speakers and internet cafes

Cisco Talos has identified multiple versions of an undocumented malicious driver named “RedDriver,” a driver-based browser hijacker that uses the Windows Filtering Platform (WFP) to intercept browser traffic.

Old certificate, new signature: Open-source tools forge signature timestamps on Windows drivers

Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates.

Gergana Karadzhova-Dangela wants to send the ladder back down to the next generation of incident responders

Karadzhova-Dangela's family put her on a plane to Massachusetts without a return ticket and it wasn't until the IT job gave her enough disposable income to afford plane tickets back and forth to Bulgaria that she could see her family.

Threat Roundup for June 30 to July 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 30 and July 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

DDoS attacks want to make sure you haven’t forgotten about them

The economic damage of DDoS attacks is tough to measure — who can really say how much money Blizzard missed out on by not having players in “Diablo IV” for a few hours spending money on microtransactions or choosing to buy the game?

Taking over Milesight UR32L routers behind a VPN: 22 vulnerabilities and a full chain

In all, Cisco Talos is releasing 22 security advisories today, nine of which have a CVSS score greater than 8, associated with 69 CVEs.

The growth of commercial spyware based intelligence providers without legal or ethical supervision

Commercial spyware has become so notorious that international governments are taking notice and action against it, as evidenced by the Biden administration’s recent Executive Order on commercial spyware.