Vulnerabilities | SC Media

Vulnerabilities

Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients

By

Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…

Mozilla Foundation issues Firefox updates

By

Mozilla Foundation has issued security advisories for several vulnerabilities in Firefox ESR 60.5.1 and Firefox 65.0.1. The updates patch a use-after-free in skia flaw, an integer overflow in Skia flaw, and a buffer overflow in Skia with accelerated Canvas 2D vulnerability in Firefox ESR 60.5.1, all of which are rated high. The buffer overflow flaw…

Xiaomi electric scooter vulnerability allows remote hacks

By

The Xiaomi M365, a popular electric scooter used by several ride-share companies such as BIRD as well as for personal ownership, is vulnerable to remote hacking due to improper password validation. The scooters are enabled with Bluetooth access which allows the user to interact with the scooters for multiple features including its  Anti-Theft System, Cruise-Control,…

Cisco Network Assurance Engine (NAE) contains password vulnerability

By

A default password vulnerability in Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) condition on the server. A flaw in NAE’s password management system can be exploited by authenticating with the default administrator password via the CLI of an affected server. Version…

PoC hides malware in Intel SGX enclave

By

Researchers developed a proof of concept attack which allows them to hide malware in Intel’s Software Guard eXtensions (SGX). Intel SGX is a feature found on all modern Intel CPUs that allows developers to isolate applications in secure “enclaves” and the attack allows researchers to hide undetectable malicious code from their security software  within these…

Flaw in runC could allow malicious containers to infect host environment

By

A vulnerability discovered in the runC container management tool has exposed multiple privileged container systems to a potential exploit through which attackers could allow malware to escape a container and compromise an entire host system. Designated CVE-2019-5736, the flaw allows attackers to use a malicious container to overwrite the host runC binary during the execution…

77 updates in Microsoft patch Tuesday

By

Microsoft released 77 updates, 20 of which were classified as critical, in this months patch Tuesday announcement. The updates included fixes for Microsoft Windows, Office, IE, Edge resolving a total of 74 unique CVEs this month including one actively exploited zero day flaw in Internet Explorer, according to its February Patch Tuesday release. The zero…

Layering EMV chip, tokenization, encryption bolsters card payment security

Chip and PIN protections may fall short as future threats materialize

By

The protections that chip and PIN payment card solutions offer may fall short as cybercriminals begin installing command-and-control malware on infected EMV device readers, a new report warns. Cybercriminals could begin repurposing ATM EMV malware to attack retail environments by infecting point-of-sale (POS) machines (possibly via malicious USB drives) and then introducing an altered EMV…

Airline e-ticketing vulnerability exposes passenger PII

By

A vulnerability in numerous airline e-ticketing systems can expose customer data via unencrypted check-in links that hackers can easily intercept, researchers at Wandera said. “The intercepted and unencrypted links enable unauthorized third parties to view, and in some cases even change, a user’s flight booking details, and/or print their boarding passes,” the researchers, who discovered…

Next post in Security News