Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access

A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host. "A

The Hacker News
Open in Source
#vulnerability#windows#google#microsoft#intel#c++#backdoor#vmware#auth#The Hacker News
GHSA-mpg4-rc92-vx8v: fast-xml-parser vulnerable to ReDOS at currency parsing

### Summary A ReDOS exists on currency.js was discovered by Gauss Security Labs R&D team. ### Details https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10 contains a vulnerable regex ### PoC pass the following string '\t'.repeat(13337) + '.' ### Impact Denial of service during currency parsing in experimental version 5 of fast-xml-parser-library https://gauss-security.com

Ubuntu Security Notice USN-6923-1

Ubuntu Security Notice 6923-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6919-1

Ubuntu Security Notice 6919-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

7 Sessions Not to Miss at Black Hat USA 2024

This year's conference will be a treasure trove of insights for cybersecurity professionals.

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site

The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website ("chrome-web[.]com") serving malicious installer packages masquerading as Google's Chrome browser, indicating that users searching for the software on the

Stop X’s Grok AI From Training on Your Tweets

Plus: More Pegasus spyware controversy, a major BIOS controversy, and more of the week’s top security news.

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue for "several months." It further said around a hundred victims located in France, Malta, Portugal,

Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue

Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices in the first place.