Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Does Your Help Desk Know Who's Calling?

Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet – and continues to plague organizations today, accounting for more than 30% of all known breaches. And with the mass migration to remote working during the pandemic, hackers have ramped up their efforts to steal login credentials as they take

The Hacker News
#web#mac#microsoft#auth#The Hacker News
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell script that contains ScrubCrypt. Crypters are a type of software that can encrypt,

CVE-2023-27985: #60204 - 28.2; Invalid Exec key in etc/emacsclient-mail.desktop

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification.

CVE-2023-27986: security - Shell command and Emacs Lisp code injection in emacsclient-mail.desktop

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters.

GHSA-ff4p-7xrq-q5r8: wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64

### Impact Wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug means that, with default codegen settings, a wasm-controlled load/store operation could read/write addresses up to 35 bits away from the base of linear memory. Wasmtime's default sandbox settings provide up to 6G of protection from the base of linear memory to guarantee that any memory access in that range will be semantically correct. Due to this bug, however, addresses up to `0xffffffff * 8 + 0x7ffffffc = 36507222004 = ~34G` bytes away from the base of linear memory are possible from guest code. This means that the virtual memory 6G away from the base of linear memory up to ~34G away can be read/written by a malicious module. This out of bounds read/write is not semantically correct and poses a threat as an arbitrary read/write within ~34G of linear memory...

Emotet Resurfaces Yet Again After 3-Month Hiatus

More than two years after a major takedown by law enforcement, the threat group is once again proving just how impervious it is against disruption attempts.

BlackLotus UEFI bootkit Can Bypass Secure Boot on Windows

By Deeba Ahmed Security firm ESET’s cybersecurity researchers have shared their analysis of the world’s first UEFI bootkit being used in… This is a post from HackRead.com Read the original post: BlackLotus UEFI bootkit Can Bypass Secure Boot on Windows

40% of Global ICS Systems Attacked With Malware in 2022

Led by growth in Russia, more than 40% of global ICS systems faced malicious activity in the second half of 2022.

CVE-2023-23760: Release notes - GitHub Enterprise Server 3.4 Docs

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to versions 3.8 and was fixed in versions 3.7.7, 3.6.10, 3.5.14, and 3.4.17. This vulnerability was reported via the GitHub Bug Bounty program.

Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware

By Deeba Ahmed Currently, scammers are using DBatLoader malware loader to distribute Remcos RAT to businesses and institutions across Eastern Europe. This is a post from HackRead.com Read the original post: Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware