Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector

Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, Elfin, and Refined Kitten. "

The Hacker News
Open in Source
#vulnerability#web#mac#windows#microsoft#linux#intel#backdoor#auth#ssh#The Hacker News
How Outlook notification sounds can lead to zero-click exploits

A researcher found two Microsoft vulnerabilities which could be combined to achieve zero-click remote code execution.

Update Chrome now! Emergency update patches zero-day

Google has issued an emergency update for Chrome that fixes an actively exploited zero-day vulnerability in the WebRTC component.

US pharmacy Rite Aid banned from operating facial recognition systems

Pharmacy chain Rite Aid has been denied the right to run facial recognition systems in its stores for five years, by the FTC.

Iran’s Peach Sandstorm Deploy FalseFont Backdoor in Defense Sector

By Waqas Peach Sandstorm, also recognized as HOLMIUM, has recently focused on global Defense Industrial Base (DIB) targets. This is a post from HackRead.com Read the original post: Iran’s Peach Sandstorm Deploy FalseFont Backdoor in Defense Sector

GHSA-6qm2-wpxq-7qh2: Gradio makes the `/file` secure against file traversal and server-side request forgery attacks

Older versions of `gradio` contained a vulnerability in the `/file` route which made them susceptible to file traversal attacks in which an attacker could access arbitrary files on a machine running a Gradio app with a public URL (e.g. if the demo was created with `share=True`, or on Hugging Face Spaces) if they knew the path of files to look for. This was not possible through regular URLs passed into a browser, but it was possible through the use of programmatic tools such as `curl` with the `--pass-as-is` flag. Furthermore, the `/file` route in Gradio apps also contained a vulnerability that made it possible to use it for SSRF attacks. Both of these vulnerabilities have been fixed in `gradio==4.11.0`

Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware

Talos revealed that rebooting an iOS or Android device may not remove the Predator spyware produced by Intellexa. Intellexa knows if their customers intend to perform surveillance operations on foreign soil.

Red Hat Security Advisory 2023-7886-03

Red Hat Security Advisory 2023-7886-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide

A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, Europe, and Japan.

8220 Gang Targets Telecom and Healthcare in Global Cryptojacking Attack

By Deeba Ahmed The 8220 gang, believed to be of Chinese origins, was first identified in 2017 by Cisco Talos when they targeted Drupal, Hadoop YARN, and Apache Struts2 applications for propagating cryptojacking malware. This is a post from HackRead.com Read the original post: 8220 Gang Targets Telecom and Healthcare in Global Cryptojacking Attack