Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

ZuoRAT Hijacks SOHO Routers From Cisco, Netgear

The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.

DARKReading
#vulnerability#mac#windows#linux#cisco#intel#c++#asus#acer#auth
RansomHouse Claims Stealing 450GB of Data from Semiconductor Giant AMD

By Waqas RansomHouse first appeared in cyberspace in December 2021. So far, the gang has claimed six victims, including Gaming… This is a post from HackRead.com Read the original post: RansomHouse Claims Stealing 450GB of Data from Semiconductor Giant AMD

CVE-2017-20120: Offensive Security’s Exploit Database Archive

A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2022-33042: bug_report/SQLi-1.md at main · 736335151/bug_report

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/inquiries/view_details.php.

UnRAR path traversal flaw can lead to RCE in Zimbra

Other applications using binary to extract untrusted archives are potentially vulnerable too

CVE-2022-33037: Vuln/Orwell-Dev-Cpp-CreateProcessA-Misuse-Binary-Hijack.md at main · ycdxsb/Vuln

A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file.

CVE-2022-33036: Vuln/Embarcadero-Dev-Cpp-CreateProcessW-Misuse-Binary-Hijack.md at main · ycdxsb/Vuln

A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file.

CVE-2022-33035: Vuln/XLpd-Unquoted-Service-Path.md at main · ycdxsb/Vuln

XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.

Forced Chrome extensions get removed, keep reappearing

Malwarebytes found a family of forced Chrome extensions that can't be removed because of a policy change that tells users "Your browser is managed". The post Forced Chrome extensions get removed, keep reappearing appeared first on Malwarebytes Labs.

Internet Safety Month: Everything you need to know about Omegle

Chatting with strangers piqued millions of internet users’ interest during the pandemic. Omegle made this possible. Is my child safe to use it though? The post Internet Safety Month: Everything you need to know about Omegle appeared first on Malwarebytes Labs.