Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

CVE-2022-31211: Multiple Vulnerabilities in Infiray IRAY-A8Z3 thermal camera

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.

CVE
Open in Source
#vulnerability#web#linux#intel#backdoor#rce#buffer_overflow#auth#telnet
Hackers can spoof commit metadata to create false GitHub repositories

By Deeba Ahmed Checkmarx security researchers have warned about an emerging new supply chain attack tactic involving spoofed metadata commits to present malicious… This is a post from HackRead.com Read the original post: Hackers can spoof commit metadata to create false GitHub repositories

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software

VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system," Palo

CVE-2021-45492: A Sage 300 Case Study

In Sage 300 ERP (formerly accpac) through 6.8.x, the installer configures the C:\Sage\Sage300\Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because the Sage installer fails to set explicit permissions and therefore inherits weak permissions from the C:\ folder. Because entries in the system-wide PATH variable are included in the search order for DLLs, an attacker could perform DLL search-order hijacking to escalate their privileges to SYSTEM. Furthermore, if the Global Search or Web Screens functionality is enabled, then privilege escalation is possible via the GlobalSearchService and Sage.CNA.WindowsService services, again via DLL search-order hijacking because unprivileged users would have modify permissions on the application directory. Note that while older versions of the software default to installing in %PROGRAMFILES(X86)% (which would allow the Sage folder to inherit strong permiss...

Journalists Emerge as Favored Attack Target for APTs

Since 2021, various state-aligned threat groups have turned up their targeting of journalists to siphon data and credentials and also track them.

China’s Tonto Team increases espionage activities against Russia

China is gathering more intel about Russia after strengthening their diplomatic ties in the face of Western sanctions. The post China’s Tonto Team increases espionage activities against Russia appeared first on Malwarebytes Labs.

State-Backed Hackers Targeting Journalists in Widespread Espionage Campaigns

Nation-state hacking groups aligned with China, Iran, North Korea, and Turkey have been targeting journalists to conduct espionage and spread malware as part of a series of campaigns since early 2021. "Most commonly, phishing attacks targeting journalists are used for espionage or to gain key insights into the inner workings of another government, company, or other area of state-designated

How Confidential Computing Locks Down Data, Regardless of Its State

Whether data's in motion, at rest, or in use, confidential computing makes moving workloads to the public cloud safer, and can enhance data security in other deployments.

Take threats against machine learning systems seriously, security firm warns

A new white paper from NCC Group details the myriad security threats associated with machine learning models

4 ways businesses can save money on cyber insurance

When it comes to insurance, better security means better savings. The post 4 ways businesses can save money on cyber insurance appeared first on Malwarebytes Labs.