#zero_day

An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of crafted file.

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes. Tracked as CVE-2023-38035 (CVSS score: 9.8), the issue has been described as a case of authentication bypass impacting versions 9.18 and prior due to what it called an

A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477 (CVSS score: 7.8), the vulnerability has been described as a case of improper validation while processing recovery volumes. "The issue results from the lack of proper validation of user-supplied

Categories: Exploits and vulnerabilities Categories: News Tags: Citrix Tags: ShareFile Tags: CVE-2023-24489 Tags: RCE Tags: unauthenticated Tags: vulnerability Tags: PoC Citrix ShareFile can be exploited remotely by unauthenticated attackers. (Read more...) The post Patch now! Citrix Sharefile joins the list of actively exploited file sharing software appeared first on Malwarebytes Labs.

While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTS (Advanced Persistent Threats) are putting its practical effectiveness to the test. Analysts, on the other hand, understand that Zero Trust can only be achieved with comprehensive insight into one's own network.  Just recently, an attack believed to be perpetrated by the Chinese hacker group

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 (CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited

Categories: Exploits and vulnerabilities Categories: News Tags: Citrix Tags: NetScalers Tags: Germany Tags: CVE-2023-3519 Tags: Fox-IT Tags: DIVD Researchers have found almost 2000 backdoored Citrix NetScalers, many of which were patched after the backdoor in the form of a web shell was dropped. (Read more...) The post Citrix NetScalers backdoored in widespread exploitation campaign appeared first on Malwarebytes Labs.

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database.A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.