“Deframed” Zend Framework Remote Code Execution Vulnerability Revealed

An untrusted deserialization vulnerability in the Zend Framework was disclosed this week. If exploited, it allows attackers to achieve Remote Code Execution (RCE) on PHP sites. This vulnerability could impact some instances of the Laminas project, which is Zend’s successor. Zend Framework is built from PHP packages and used by developers to build object-orientated web […]

The Critical Golang XML Parser Bug Can Cause SAML Authentication Bypass

How does the critical Golang XML parser bug cause SAML authentication bypass? Security researchers at Mattermost, coordinating with the Go security team, disclosed three critical vulnerabilities within the Go language’s XML parser. If exploited, these vulnerabilities can lead to a complete bypass of Security Assertion Markup Language (SAML) authentication, as the vulnerabilities impact Go’s implementation of […]

“Dark tidings” Recent Oracle WebLogic vulnerability exploited by DarkIRC Malware

A Remote Code Execution vulnerability in the Oracle WebLogic Server was recently discovered. The Oracle WebLogic vulnerability was due to the Oracle Fusion Middleware console component. According to Juniper Threat Labs, almost 3000 Oracle WebLogic servers are reachable over the internet, based on Shodan statistics. Attackers are targeting potentially vulnerable WebLogic servers using at least […]

Google Services Weaponized to Bypass Security in Phishing

There was a spike in phishing and business email compromises due to threat actors exploiting Google services. The attacks weaponize services such as Google Forms, Google Docs, and Firebase on mobile to appear more legitimate to security filters and victims. Due to the open nature of the Google ecosystem, attackers are taking advantage […]

Remote Code Execution Discovered in Cisco Security Manager

Multiple security advisories related to critical flaws in the Cisco Security Manager product have been released. These revelations come a week after patches for platform version 4.22 were released. A security researcher, Florian Hauser of Code White, disclosed proofs-of-concept for 12 vulnerabilities that affected the CSM web interface. These vulnerabilities make it possible for an […]

Mismanagement: Flaws in Privileged Management Apps Expose Machines to Attack

The Intel Support Assistant utility was found to be vulnerable to privilege escalation through file manipulation and symbolic links, putting millions of Windows users at risk. The impact: The Intel Support Assistant was found to interact insecurely with nonprivileged data and directories, giving attackers the ability to execute code as privileged programs by modifying a […]

“Through The Cracks” NAT/Firewall Bypass Lets Hackers Access Any TCP/UDP Service

Security researcher Samy Kamkar has discovered a technique that allows an attacker to bypass NAT/Firewall protections, leading to remote access of any TCP/UDP port service on the target system. Dubbed “NAT Slipstreaming”, this attack involves social engineering: the attacker sends the victim a link to a malicious site or a legitimate site with adware. When […]

Hot seat – Hotspot Shield VPN New Privilege Escalation Vulnerability

A high-risk vulnerability, rated as 7.8 in CVSS v3.1, affecting Windows 10.3.0 and earlier exists in the Hotspot Shield VPN client software. This allows an authorised user to potentially perform local privilege escalation. The impact: The flaw exists in improper directory permissions on a log folder for the software client. It allows a local user […]

Risk Crew