Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

Operation Triangulation: Experts Uncover Deeper Insights into iOS Zero-Day Attacks

The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location. The findings come from Kaspersky, which detailed the great lengths the adversary behind the campaign, dubbed Operation Triangulation, went to conceal and cover up

The Hacker News
Open in Source
#sql#vulnerability#web#ios#mac#apple#java#backdoor#zero_day#The Hacker News
Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. "Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check," NCC Group's Fox-IT team said. "Thus, for a lot of devices

Cyberattackers Alter Implant on 30K Compromised Cisco IOS XE Devices

A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding.

How State and Local Governments Can Serve Citizens More Securely

The top 10 priorities of state CIOs underscore the importance of securing applications and APIs in complex environments.

CVE-2023-46122: zip slip vulnerability · Issue #358 · sbt/io

sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, `IO.unzip` allows writing of arbitrary file. This would have potential to overwrite `/root/.ssh/authorized_keys`. Within sbt's main code, `IO.unzip` is used in `pullRemoteCache` task and `Resolvers.remote`; however many projects use `IO.unzip(...)` directly to implement custom tasks. This vulnerability has been patched in version 1.9.7.

A week in security (October 16 - October 22)

Categories: News Tags: week Tags: security Tags: October Tags: 2023 A list of topics we covered in the week of October 16 to October 22 of 2023 (Read more...) The post A week in security (October 16 - October 22) appeared first on Malwarebytes Labs.

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain. "The attacker first

CVE-2023-45664: GHSL-2023-145_GHSL-2023-151/GHSL-2023-165_GHSL-2023-172: Several memory access violations in stb_image and stb_vorbis

stb_image is a single file MIT licensed library for processing images. A crafted image file can trigger `stbi__load_gif_main_outofmem` attempt to double-free the out variable. This happens in `stbi__load_gif_main` because when the `layers * stride` value is zero the behavior is implementation defined, but common that realloc frees the old memory and returns null pointer. Since it attempts to double-free the memory a few lines below the first “free”, the issue can be potentially exploited only in a multi-threaded environment. In the worst case this may lead to code execution.

From Snooze to Enthuse: Making Security Awareness Training 'Sticky'

Most companies offer some kind of awareness training these days. But how much of those lessons are employees actually retaining?

Cisco Finds New Zero Day Bug, Pledges Patches in Days

A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.