Search results for Chong discovered

Hackers use Remote Access Trojans (RATs) to gain unauthorized access and control over a victim’s computer remotely.  RATs allow threat actors to execute the following malicious actions while remaining hidden from the victim:- Recently, cybersecurity researchers at Cisco Talos discovered a malicious campaign that was found to be delivering a new RAT that’s been dubbed […] The post New SugarGh0st RAT Delivered via Malicious Windows Shortcut & JavaScript appeared first on Cyber Security News.

Malicious Windows RAT Delivered Windows Shortcut

Black Basta, the fourth-most active ransomware strain with more than 329 victims, has reportedly made over 0 million in ransom payments. This ransomware has also been discovered to resemble the Conti ransomware group, which stopped its operations by May 2022. A group known as Black Basta has been found to engage in double-extortion tactics, whereby […] The post Black Basta Ransomware Received Over 0 Million From Victims appeared first on Cyber Security News.

Basta Ransomware Received

Notepad++ has been discovered with an uncontrolled search path vulnerability, which could allow threat actors to search an untrusted search path. This vulnerability has been disclosed to Notepad++, and a patch has yet to be provided. Notepad++ is a simple text editor for Windows with many more capabilities and can be used to open or […] The post Notepad++ Input Validation Flaws Leads to uncontrolled Search Path Vulnerability appeared first on Cyber Security News.

Validation Flaws

A security risk discovered in the Google Cloud Platform domain-wide delegation feature allows a user to generate an access token to Google Workspace, granting unauthorized access to data and other key tools. The post Exploring a Critical Risk in Google Workspace's Domain-Wide Delegation Feature appeared first on Unit 42.

Critical Risk Delegation Feature Domain-Wide Delegation

A critical vulnerability in Zoom Room allowed threat actors to take over meetings and steal sensitive data. Researchers at AppOms discovered a vulnerability in Zoom Room as part of the HackerOne live hacking event H1-4420. Zoom Rooms is a feature of the Zoom video conferencing platform designed to enhance collaboration in physical meeting spaces, such as conference […]

Zoom Tenants

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) It was discovered that the USB ENE card reader driver in the Linux kernel did not properly allocate enough memory when processing the storage device boot blocks. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-45862) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717)

A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection. [...]

FjordPhantom Android

Join the Be.Cyber community! On the program: news and tools monitoring, mutual aid and knowledge sharing, event organization (workshops, CTF resolution), ... And it's all in good fun!

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and applications. However, this progress also attracts threat actors who actively exploit LLMs for various malicious activities like: Recently, cybersecurity researchers at Google discovered how threat actors can exploit ChatGPT queries to collect personal data. Document Protect Your Storage With SafeGuard […] The post Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data appeared first on Cyber Security News.

ChatGPT Queries Collect Personal

AhnLab Security Emergency response Center (ASEC) discovered a case of malware distribution using personal information sales as bait. This attack case employs a social engineering hacking technique. ASEC provides you with recently discovered circumstances of malware distribution using social engineering hacking techniques. Figure 1 shows the content of the website used by the threat actor as a distribution site, with multiple files. Most of the files contain personal information, and the file names include investment-related keywords such as ‘reading,’ ‘unlisted,’... The post Personal Information Sales Used as Bait to Distribute Malware appeared first on ASEC BLOG.

It was discovered that the HotSpot VM implementation in OpenJDK did not properly validate bytecode blocks in certain situations. An attacker could possibly use this to cause a denial of service. (CVE-2022-40433) Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that the CORBA implementation in OpenJDK did not properly perform deserialization of IOR string objects. An attacker could possibly use this to bypass Java sandbox restrictions. (CVE-2023-22067) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081)

bytecode blocks Carter Kozak validate bytecode

Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081)

Kozak discovered support enabled vulnerabilities Carter