#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

PoC Exploit | Breaking Cybersecurity News | The Hacker News

Category — PoC Exploit
Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now

Jan 16, 2024 Vulnerability / Network Security
Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). "The two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern," Jon Williams, a senior security engineer at Bishop Fox,  said  in a technical analysis shared with The Hacker News. The vulnerabilities in question are listed below - CVE-2022-22274  (CVSS score: 9.4) - A stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote, unauthenticated attacker to cause DoS or potentially result in code execution in the firewall. CVE-2023-0656  (CVSS score: 7.5) - A stack-based buffer overflow vulnerability in the SonicOS allows a remote, unauthenticated attacker to cause DoS, which could result in a crash. While there are no reports of exploi...
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

Nov 15, 2023 Ransomware / Vulnerability
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as  CVE-2023-46604  (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands. It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6, or 5.18.3 released late last month. The vulnerability has since  come under   active exploitation  by ransomware outfits to deploy ransomware such as HelloKitty and a strain that shares similarities with TellYouThePass as well as a remote access trojan called SparkRAT. According to  new findings  from VulnCheck, threat actors weaponizing the flaw are  relying  on a public proof-of-concept ( PoC ) exploit originally disclosed on October 25, 2023. The attacks have been found to use  ClassPathXmlApplicationContext , a class that's part of the...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT

Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT

Sep 21, 2023 Vulnerability / Exploit
A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware. "The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly available PoC script that exploited a SQL injection vulnerability in an application called GeoServer, which is tracked as  CVE-2023-25157 ," Palo Alto Networks Unit 42 researcher Robert Falcone  said . While  bogus PoCs  have become a  well-documented gambit  for targeting the  research community , the cybersecurity firm suspected that the threat actors are opportunistically targeting other crooks who may be adopting the latest vulnerabilities into their arsenal. whalersplonk, the  GitHub account  that hosted the repository, is no longer accessible. The PoC is said to have been committed on August 21, 2023, four days after the vulnerability was publicly announced. ...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks

PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks

Oct 14, 2022
A proof-of-concept (PoC) exploit code has been made available for the recently disclosed critical security flaw affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager, making it imperative that users move quickly to apply the patches. "FortiOS exposes a management web portal that allows a user to configure the system," Horizon3.ai researcher James Horseman  said . "Additionally, a user can SSH into the system which exposes a locked down CLI interface." The issue, tracked as  CVE-2022-40684  (CVSS score: 9.6), concerns an  authentication bypass  vulnerability that could allow a remote attacker to perform malicious operations on the administrative interface via specially crafted HTTP(S) requests. A successful exploitation of the shortcoming is tantamount to granting complete access "to do just about anything" on the affected system, including altering network configurations, adding malicious users, and intercepting network traffic. That said, ...
Expert Insights / Articles Videos
Cybersecurity Resources