Mr.Trunk · @mrtrunk
13 followers · 20999 posts · Server dromedary.seedoubleyou.me

SecurityOnline: CVE-2023-4863: New Chrome 0-day Bug Under Active Attacks securityonline.info/cve-2023-4 -2023-4863

#vulnerability #cve #chrome #0day

Last updated 2 years ago

sekurak News · @sekurakbot
50 followers · 248 posts · Server mastodon.com.pl

BLASTPASS: an active exploit used by Pegasus. Infection requires no interaction from the victim.

Citizen Lab has just provided a few details on how the exploit works, which was tracked down by capturing real attacks on iPhones. It turns out that it is enough to send the victim, via iMessage, attachments containing specially crafted images. From there everything happens automatically: the phone processes the images, and the processing itself leads to the execution of...

sekurak.pl/blastpass-czyli-akt

#wbiegu #0day #iphone #pegasus

Last updated 2 years ago

sekurak News · @sekurakbot
50 followers · 249 posts · Server mastodon.com.pl

Apple patches two 0-days exploited in attacks on iPhones. A malicious image can be used to take over the phone

The new iOS 16.6.1 release brings patches for just two bugs, one of which looks quite dangerous: a specially crafted image can be used to execute arbitrary code on the victim's phone: Impact: Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been...

sekurak.pl/apple-lata-dwa-0day

#wbiegu #0day #iphone #rce

Last updated 2 years ago

Chris Partridge · @tweedge
1011 followers · 941 posts · Server cybersecurity.theater

Find of the day - someone dropped an AtlasVPN on Reddit. The AtlasVPN daemon on Linux runs an HTTP server to accept CLI commands, it binds to 127.0.0.1:8076 by default.

What's hilarious is that it accepts commands without ANY authentication - so if you open a malicious webpage, that webpage can fire a POST to 127.0.0.1:8076/connection/stop and instantly disconnect your VPN.

Utter garbage.

Source: reddit.com/r/cybersecurity/com

Proof below - used AtlasVPN's latest Linux client, version 1.0.3.

#0day

Last updated 2 years ago

sekurak News · @sekurakbot
44 followers · 238 posts · Server mastodon.com.pl

The WinRAR 0-day had been exploited for several months, among other ways by means of a specially crafted zip file

News of the CVE-2023-38831 vulnerability broke a good few days ago. The flaw (flaws) is now patched, but reports have emerged of this vulnerability being actively exploited as a 0-day, and since April 2023 at that. The targets included computers / accounts of people trading cryptocurrencies. The whole trick was to create an archive (e.g. zip),...

sekurak.pl/0day-w-winrar-byl-e

#wbiegu #0day #exploit #winrar

Last updated 2 years ago

STRÖMBLAD · @nopatience
1431 followers · 655 posts · Server swecyb.com

Guess we're just on fire right now. Critical authentication bypass in SSH VMware Aria Operations.

vmware.com/security/advisories

Quick estimations, roughly 4500 publicly available SSH-hosts running VMware Aria.

Will the next cl0p campaign please stand up?

#vmware #0day #ssh #vulnerability #ffs

Last updated 2 years ago

XenoLurch🏴 · @XenoLurch
40 followers · 533 posts · Server kolektiva.social

WinRAR 0-day that uses poisoned JPG and TXT files
weaponized to rob yuppies since April.

via arstechnica.com:

“A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open booby-trapped JPGs and other innocuous inside file archives.

The vulnerability, residing in the way WinRAR processes the ZIP file format, has been under active exploit since April in securities trading forums, researchers from security firm Group IB reported Wednesday. The attackers have been using the vulnerability to remotely execute code that installs malware from families, including DarkMe, GuLoader, and Remcos RAT.

From there, the “criminals” withdraw money from broker accounts. The total amount of financial losses and total number of victims infected is unknown, although Group-IB said it has tracked at least 130 individuals known to have been compromised. WinRAR developers fixed the vulnerability, tracked as CVE-2023-38831, earlier this month.”

arstechnica.com/security/2023/

#punchup #yuppies #0day #hackers #winrar

Last updated 2 years ago

Emory L. · @emory
213 followers · 2067 posts · Server soc.kvet.ch

wow:
> "If any zero-day exploit can constitute 'negligence' for failure to catch and then patch, then every software company in the world has exposure," Walke says. "If, however, negligence requires notice of the zero-day exploit and then failure to act, that narrows the pool of potentially liable companies to only those who had notice of the flaw and ignored it."

#0day #liability #lawsuit

Last updated 2 years ago

Kristian Purrucker · @kristian
21 followers · 309 posts · Server social.purrucker.de

First several Rapid Security Responses, and a few days later a big security update on top. There is quite a lot going on with and from right now …
You should probably install the updates quickly. Exploits already exist.

heise.de/news/Luecken-gestopft

#ios #macos #apple #0day

Last updated 2 years ago

MemoryLeech · @CyberLeech
102 followers · 974 posts · Server cyberplace.social

@glennpegden

@cyb3rops "Finally! Someone put the two IP IOCs related to the Netscaler ADC vuln CVE-2023-3519 in a Virustotal Graph, which allows me to share them

216[.]41[.]162[.]172
216[.]51[.]171[.]17"

virustotal.com/graph/g6a29f00a

#citrix #cirtix #cve20233519 #intel #zeroday #0day #cyber #cybersecurity

Last updated 2 years ago

PrivacyDigest · @PrivacyDigest
441 followers · 1780 posts · Server mas.to

Exploited 0-days, an incomplete fix, and a botched disclosure: reigns

arstechnica.com/?p=1954819

#security #exploit #0day #snafu #infosec

Last updated 2 years ago

ITSEC News · @itsecbot
1390 followers · 36154 posts · Server schleuss.online

Microsoft hit by Storm season – a tale of two semi-zero days - The first compromise didn't get the crooks as far as they wanted, so they found a second ... nakedsecurity.sophos.com/2023/

#0day #storm #dataloss #microsoft #cryptography #vulnerability #authentication

Last updated 2 years ago