Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the supply chain attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites. It's tracking the threat cluster as UNC4166

The Hacker News
Open in Source
#web#mac#windows#google#microsoft#intel#backdoor#The Hacker News
Minecraft Servers Under Attack: Microsoft Warns About Cross-Platform DDoS Botnet

Microsoft on Thursday flagged a cross-platform botnet that's primarily designed to launch distributed denial-of-service (DDoS) attacks against private Minecraft servers. Called MCCrash, the botnet is characterized by a unique spreading mechanism that allows it to propagate to Linux-based devices despite originating from malicious software downloads on Windows hosts. "The botnet spreads by

NIST Finally Retires SHA-1, Kind Of

SHA-1 was deprecated in 2011. NIST has set the hashing algorithm's final retirement date to Dec. 31, 2030.

CVE-2022-46634: IOT_vuln/TOTOLink/A7100RU/7 at main · EPhaha/IOT_vuln

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.

CVE-2022-46631: IOT_vuln/TOTOLink/A7100RU/6 at main · EPhaha/IOT_vuln

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.

CVE-2022-4511: Arbitrary file download Vulnerability · Issue #I66A3V · Rainy/DocSys - Gitee.com

A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserController#getUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215851.

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Hardcoded Credentials

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a hardcoded credential vulnerability.

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Insufficient Session Expiration

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffers from an insufficient session expiration vulnerability.

SOUND4 Server Service 4.1.102 Local Privilege Escalation

SOUND4 Server Service version 4.1.102 suffers from an unquoted search path issue impacting the service SOUND4 Server for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism. SPNEGO,