The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Software

10 Critical Flaws Found in CODESYS Industrial Automation Software

10 Critical Flaws Found in CODESYS Industrial Automation Software

June 04, 2021Ravie Lakshmanan
Cybersecurity researchers on Thursday disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to remote code execution on programmable logic controllers (PLCs). "To exploit the vulnerabilities, an attacker does not need a username or password; having network access to the industrial controller is enough," researchers from Positive Technologies  said . "The main cause of the vulnerabilities is insufficient verification of input data, which may itself be caused by failure to comply with the secure development recommendations." The Russian cybersecurity firm noted that it detected the vulnerabilities on a PLC offered by WAGO, which, among other automation technology companies such as Beckhoff, Kontron, Moeller, Festo, Mitsubishi, and HollySys, use CODESYS software for  programming and configuring  the controllers. CODESYS offers a development environment for programming controller applications for use in indus
Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software

Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software

May 24, 2021Ravie Lakshmanan
Cybersecurity researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be abused by an adversary to hijack the infrastructure without any operator intervention. "In a telco setting, where a telco is monitoring thousands of sites, if a customer site is fully compromised, an attacker can use the vulnerabilities to compromise the telco, and then every other monitored customer site," Adi Ashkenazy, CEO of Australian cybersecurity firm Skylight Cyber, told The Hacker News via email. Nagios is an open-source IT infrastructure tool analogous to SolarWinds Network Performance Monitor (NPM) that offers monitoring and alerting services for servers, network cards, applications, and services. The issues, which consist of a mix of authenticated remote code execution (RCE) and privilege escalation flaws, were discovered and reported to Nagios in October 2020, following which they were  remediated  in  November . Chief among them i
How to Conduct Vulnerability Assessments: An Essential Guide for 2021

How to Conduct Vulnerability Assessments: An Essential Guide for 2021

April 29, 2021The Hacker News
Hackers are scanning the internet for weaknesses all the time, and if you don't want your organization to fall victim, you need to be the first to find these weak spots. In other words, you have to adopt a proactive approach to managing your vulnerabilities, and a crucial first step in achieving this is performing a vulnerability assessment. Read this guide to learn how to perform vulnerability assessments in your organization and stay ahead of the hackers. Vulnerability assessment tools Vulnerability assessments are automated processes performed by scanners. This makes them accessible to a wide audience. Many of the scanners are geared towards cybersecurity experts, but there are solutions tailored for IT managers and developers in organizations without dedicated security teams.  Vulnerability scanners come in various types: some excel at network scanning, others at web applications, IoT devices, or container security. If you're a small business, you're likely to find
Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now

Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now

March 22, 2021Ravie Lakshmanan
The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning (ERP) system. Tracked as  CVE-2021-26295 , the flaw affects all versions of the software prior to  17.12.06  and employs an "unsafe deserialization" as an attack vector to permit unauthorized remote attackers to execute arbitrary code on a server directly. OFBiz  is a Java-based web framework for automating enterprise processes and offers a wide range of functionality, including accounting, customer relationship management, manufacturing operations management, order management, supply chain fulfillment, and warehouse management system, among others. Specifically, by exploiting this flaw, a malicious party can tamper with serialized data to insert arbitrary code that, when deserialized, can potentially result in remote code execution. "An unauthe
Critical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites

Critical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites

March 18, 2021Ravie Lakshmanan
A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution (RCE) without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell and Carl Smith, were reported to the MyBB Team on February 22, following which it  released  an update (version 1.8.26) on March 10 addressing the issues. MyBB, formerly MyBBoard and originally MyBulletinBoard, is free and open-source forum software developed using PHP and MySQL. According to internet assets search engine Spyse, there are at least 2,100 potentially vulnerable domains that have MyBB installed. According to the researchers, the first issue — a nested auto URL persistent XSS vulnerability (CVE-2021-27889) — stems from how MyBB parses messages containing URLs during the rendering process, thus enabling any unprivileged forum user to embed stored XSS payloads into threads, p
Iranian Hackers Using Remote Utilities Software to Spy On Its Targets

Iranian Hackers Using Remote Utilities Software to Spy On Its Targets

March 08, 2021Ravie Lakshmanan
Hackers with suspected ties to Iran are actively targeting academia, government agencies, and tourism entities in the Middle East and neighboring regions as part of an espionage campaign aimed at data theft. Dubbed "Earth Vetala" by Trend Micro, the latest finding expands on previous research  published by Anomali  last month, which found evidence of malicious activity aimed at UAE and Kuwait government agencies by exploiting ScreenConnect remote management tool.  The cybersecurity firm linked the ongoing attacks with moderate confidence to a threat actor widely tracked as  MuddyWater , an Iranian hacker group known for its offensives primarily against Middle Eastern nations. Earth Vetala is said to have leveraged spear-phishing emails containing embedded links to a popular file-sharing service called Onehub to distribute malware that ranged from password dumping utilities to custom backdoors, before initiating communications with a command-and-control (C2) server to exe
3 New Severe Security Vulnerabilities Found In SolarWinds Software

3 New Severe Security Vulnerabilities Found In SolarWinds Software

February 03, 2021Ravie Lakshmanan
Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products, the most severe of which could have been exploited to achieve remote code execution with elevated privileges. Two of the flaws (CVE-2021-25274 and CVE-2021-25275) were identified in the SolarWinds Orion Platform, while a third separate weakness (CVE-2021-25276) was found in the company's Serv-U FTP server for Windows,  said  cybersecurity firm Trustwave in a technical analysis. None of the three vulnerabilities are believed to have been exploited in any "in the wild" attacks or during the unprecedented  supply chain attack  targeting the Orion Platform that came to light last December. The two sets of vulnerabilities in Orion and Serv-U FTP were disclosed to SolarWinds on December 30, 2020, and January 4, 2021, respectively, following which the company resolved the issues on January 22 and January 25. It's highly recommended that users install th
New Critical Flaws in Treck TCP/IP Stack Affect Millions of IoT Devices

New Critical Flaws in Treck TCP/IP Stack Affect Millions of IoT Devices

December 22, 2020Ravie Lakshmanan
The US Cybersecurity Infrastructure and Security Agency (CISA) has  warned  of critical vulnerabilities in a low-level TCP/IP software library developed by Treck that, if weaponized, could allow remote attackers to run arbitrary commands and mount denial-of-service (DoS) attacks. The four flaws affect Treck TCP/IP stack version 6.0.1.67 and earlier and were reported to the company by Intel. Two of these are rated critical in severity. Treck's embedded TCP/IP stack is deployed worldwide in manufacturing, information technology, healthcare, and transportation systems. The most severe of them is a heap-based buffer overflow vulnerability ( CVE-2020-25066 ) in the Treck HTTP Server component that could permit an adversary to crash or reset the target device and even execute remote code. It has a CVSS score of 9.8 out of a maximum of 10. The second flaw is an out-of-bounds write in the IPv6 component ( CVE-2020-27337 , CVSS score 9.1) that could be exploited by an unauthenticated
Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack

Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack

December 17, 2020Ravie Lakshmanan
The massive state-sponsored  espionage campaign  that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far more wider in scope, sophistication, and impact than previously thought. News of Microsoft's compromise was first reported by Reuters , which also said the company's own products were then used to strike other victims by leveraging its cloud offerings, citing people familiar with the matter. The Windows maker, however, denied the threat actor had infiltrated its production systems to stage further attacks against its customers. In a statement to The Hacker News via email, the company said — "Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or custom
What is Geocoding? — How to Find Coordinates of An Address

What is Geocoding? — How to Find Coordinates of An Address

December 16, 2020The Hacker News
How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet, it can also help web development by enhancing UX through reverse geocoding. Not to mention auto-completing forms to make the likes of checking-out easier. This article examines Geocode API, the premier provider of geocoding services. Read on to learn what the API offers, how it works, and what sets it apart. You'll discover how its free plan grants you access to 350.000 monthly requests! What is Geocoding? Geocoding describes  how to turn a location name or description and convert them into detailed coordinates. It also offers this service in reverse, i.e., convert coordinates into location information. Results can include: GPS coordinates Full address information Accuracy and
Download the Essential Guide to Response Automation

Download the Essential Guide to Response Automation

December 15, 2020The Hacker News
In the classic children's movie 'The Princess Bride,' one of the characters utters the phrase, " You keep using that word. I do not think it means what you think it means ." It's freely used as a response to someone's misuse or misunderstanding of a word or phrase. "Response Automation" is another one of those phrases that have different meanings to different people. It's bantered around by the security vendor community so much that its precise meaning, when used, is unclear. Many vendors throw the term out without explaining exactly what they mean by the phrase. One vendor's response automation might, and often do, perform very differently from another vendor's response automation capabilities. But, hey, they have "response automation!" A recently published guide is meant to make sense of Response Automation ( Download here ). It discusses the evolution of response automation and distinguishes five increasingly capabl
Nearly 18,000 SolarWinds Customers Installed Backdoored Software

Nearly 18,000 SolarWinds Customers Installed Backdoored Software

December 15, 2020Ravie Lakshmanan
SolarWinds, the enterprise monitoring software provider which found itself at the epicenter of the most  consequential supply chain attacks , said as many as 18,000 of its high-profile customers might have installed a tainted version of its Orion products. The acknowledgment comes as part of a new filing made by the company to the US Securities and Exchange Commission on Monday. The Texas-based company serves more than 300,000 customers worldwide, including every branch of the US military and four-fifths of the Fortune 500 companies. The "incident was likely the result of a highly sophisticated, targeted and manual supply chain attack by an outside nation state," SolarWinds said in the  regulatory disclosure , adding it "currently believes the actual number of customers that may have had an installation of the Orion products that contained this vulnerability to be fewer than 18,000." The company also reiterated in its  security advisory  that besides 2019.4 HF
Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games

Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games

December 10, 2020Ravie Lakshmanan
Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected third-party game servers. "An attacker could remotely crash an opponent's game client to force a win or even perform a 'nuclear rage quit' and crash the Valve game server to end the game completely," Check Point Research's Eyal Itkin noted in an analysis published today. "Potentially even more damaging, attackers could remotely take over third-party developer game servers to execute arbitrary code." Valve is a popular US-based video game developer and publisher behind the game software distribution platform Steam and several titles such as Half-Life, Counter-Strike, Portal, Day of Defeat, Team Fortress, Left 4 Dead, and Dota. The four flaws (CVE-2020-6016 through CVE-2020-6019) were uncovered in Valve's Game Networking Sockets ( GNS ) or Steam Sockets libr
NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

December 07, 2020Ravie Lakshmanan
The US National Security Agency (NSA) on Monday issued an  advisory  warning that Russian threat actors are leveraging recently disclosed VMware vulnerability to install malware on corporate systems and access protected data. Specifics regarding the identities of the threat actor exploiting the  VMware flaw  or when these attacks started were not disclosed. The development comes two weeks after the virtualization software company publicly disclosed the flaw—affecting VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector products for Windows and Linux—without releasing a patch and three days after releasing a software update to fix it. In late November, VMware pushed  temporary workarounds  to address the issue, stating permanent patches for the flaw were "forthcoming." But it wasn't until December 3rd the escalation-of-privileges bug was entirely resolved. That same day, the US Cybersecurity and Infrastructure Security Agenc
How Organizations Can Prevent Users from Using Breached Passwords

How Organizations Can Prevent Users from Using Breached Passwords

December 04, 2020The Hacker News
There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment. Why would an attacker take the long, complicated way if they have the keys to the front door? No matter how extensive your security solutions are, protecting the various systems in your environment, your organization may likely be an easy target without proper password security. An especially vulnerable type of password is a  breached password , a.k.a "pwned" password. What is a breached password? How do you discover breached passwords in your environment? How can organizations effectively protect their end-users from using these types of passwords? The Danger of Compromised Accounts The  IBM Cost of a Data Breach Report  2020 noted compromised credentials as one of the primary contributors to malicious data breaches in the report's key findings. It noted: "Stolen or compromised credentials were the
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.