Hacking Archives - Page 6 of 8

OpenSSL fixes two high severity vulnerabilities, what you need to know

11/01/2022
Cyber News
0day, Exploit, Hacking, Patching, PrivEsc, RCE, Security

CVE-2022-3602 is an arbitrary 4-byte stack buffer overflow that could trigger crashes or lead to remote code execution (RCE)

1 November

Text4Shell, a remote code execution bug in Apache Commons Text library

Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library

20 October

Microsoft data breach exposes customers’ contact info, emails

10/20/2022
Cyber News
Breach, Business, Exploit, Hacking, Security

Threat actors who accessed the bucket may use this information in different forms for extortion, blackmailing, creating social engineering tactics with the help of exposed information, or simply selling the information to the highest bidder on the dark web and Telegram channels

20 October

Tear in Microsoft Azure Service Fabric can give attackers full admin privileges

10/19/2022
Cyber News
Hacking, Hardening, Patching, PrivEsc, Security

The size of the threat depends on the number of clusters set up within user organizations and if those have non-admin users that use the CreateComposeApplication role to create applications and the vulnerable SFXv1

19 October

Experts Warn of Stealthy PowerShell Backdoor Disguising as Windows Update

10/19/2022
Cyber News
Exploit, Hacking, Malware, PrivEsc, Security

Some notable commands issued include exfiltrating the list of running processes, enumerating files in specific folders, launching whoami, and deleting files under the public user folders

19 October

Over 45,000 VMware ESXi servers just reached end-of-life

10/16/2022
Cyber News
Exploit, Hacking, Hardening, Patching, Ransomware, Security

As of October 15, 2022, VMware ESXi 6.5 and VMware ESXi 6.7 reached end-of-life and will only receive technical support but no security updates, putting the software at risk of vulnerabilities

16 October

Magniber ransomware now infects Windows users via JavaScript files

10/16/2022
Cyber News
Exploit, Hacking, Malware, Ransomware, Security

Home users can defend against a ransomware attack by regular backups of their files and keeping them on an offline storage device

16 October

Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals

10/15/2022
Cyber News
Breach, Exploit, Hacking, Malware, Phishing

The evolution of email-based phishing threats into a service-based economy means that adversaries who aim to conduct phishing attacks can now simply purchase such resources and infrastructure without having to work on it themselves

15 October

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox

10/11/2022
Cyber News
0day, Exploit, Hacking, Patching, PrivEsc, RCE

In light of the critical nature of the vulnerability, users are recommended to update to the latest version as soon as possible to mitigate possible threats.

11 October

New Report Uncovers Emotet’s Delivery and Evasion Techniques Used in Recent Attacks

10/11/2022
Cyber News
Exploit, Hacking, Malware, Phishing, PrivEsc, RCE, Security

These intrusions typically rely on waves of spam messages that deliver malware-laced documents or embedded URLs, which, when opened or clicked, lead to malware deployment

11 October

Hacking Archives - Page 6 of 8 - CyberConvoy Blog