Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Persistence – Event Log Online Help

Event viewer is a component of Microsoft Windows that displays information related to application, security, system and setup events. Even though that Event Viewer is… Continue reading → Persistence – Event Log Online Help

Pentestlab
Open in Source
#web#ios#mac#windows#microsoft#c++
Shein's Android App Caught Transmitting Clipboard Data to Remote Servers

An older version of Shein's Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server. The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that was released on December 16, 2021. The issue has since been addressed as of May 2022. Shein, originally named ZZKKO, is a Chinese online fast

CVE-2022-45141: Samba - Security Announcement Archive

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).

Shein Shopping App Glitch Copies Android Clipboard Contents

The Android app unnecessarily accessed clipboard device contents, which often includes passwords and other sensitive data.

Ubuntu Security Notice USN-5917-1

Ubuntu Security Notice 5917-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

Intel CPU vulnerabilities fixed. But should you update?

Categories: Exploits and vulnerabilities Categories: News Tags: CVE-2022-21123 Tags: CVE-2022-21125 Tags: CVE-2022-21127 Tags: CVE-2022-21166 Tags: Intel Tags: VMs Tags: microcode Microsoft has released out of band updates for information disclosure vulnerabilities in Intel CPUs, but who needs them? (Read more...) The post Intel CPU vulnerabilities fixed. But should you update? appeared first on Malwarebytes Labs.

Russia Bans WhatsApp, Discord, Telegram, and Others

By Deeba Ahmed Interestingly, Telegram is also part of this ban, although it is owned by Russian millionaire Pavel Durov. This is a post from HackRead.com Read the original post: Russia Bans WhatsApp, Discord, Telegram, and Others

CVE-2023-26213: OS Command Injectionin Barracuda CloudGen WAN

On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters.

Threat Roundup (Feb. 24 - March 3)

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 24 and March 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

Barracuda CloudGen WAN OS Command Injection

Barracuda CloudGen WAN provides a private edge appliance for hybrid deployments. An authenticated user in the administration interface for the private edge virtual appliance can inject arbitrary OS commands via the /ajax/update_certificate endpoint. Versions prior to v8.* hotfix 1089 are affected.