#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for exploited | Breaking Cybersecurity News | The Hacker News

Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities

Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities

May 10, 2017
As part of this month's Patch Tuesday, Microsoft has released security patches for a total of 55 vulnerabilities across its products, including fixes for four zero-day vulnerabilities being exploited in the wild. Just yesterday, Microsoft released an emergency out-of-band update separately to patch a remote execution bug ( CVE-2017-0290 ) in Microsoft's Antivirus Engine that comes enabled by default on Windows 7, 8.1, RT, 10 and Server 2016 operating systems. The vulnerability, reported by Google Project Zero researchers, could allow an attacker to take over your Windows PC with just an email, which you haven't even opened yet. May 2017 Patch Tuesday — Out of 55 vulnerabilities, 17 have been rated as critical and affect the company's main operating systems, along with other products like Office, Edge, Internet Explorer, and the malware protection engine used in most of the Microsoft's anti-malware products. Sysadmins all over the world should prioriti
Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild

Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild

Apr 14, 2020
It's April 2020 Patch Tuesday , and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely. Microsoft today released the latest batch of software security updates for all supported versions of its Windows operating systems and other products that patch a total of 113 new security vulnerabilities, 17 of which are critical and 96 rated important in severity. Patches for 4 Zero-Days Exploited In the Wild Most importantly, two of the security flaws have been reported as being publicly known at the time of release, and the 3 are being actively exploited in the wild by hackers. One of the publicly disclosed flaws, which was also exploited as zero-day, resides in the Adobe Font Manager Library used by Windows, the existence of which Microsoft revealed last month within an early security warning for its millions of users. Tracked as CVE-2020-10
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog

CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog

Aug 29, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added 10 new actively exploited vulnerabilities to its  Known Exploited Vulnerabilities (KEV) Catalog , including a high-severity security flaw affecting industrial automation software from Delta Electronics. The issue, tracked as  CVE-2021-38406  (CVSS score: 7.8), impacts DOPSoft 2 versions 2.00.07 and prior. A successful exploitation of the flaw may lead to arbitrary code execution. "Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution," CISA said in an alert. It's worth noting that CVE-2021-38406 was originally disclosed as part of an industrial control systems (ICS) advisory  published  in September 2021. However, there are no patches that address the vulnerability, with CISA noting that the "impacted product is end-of-life and shoul
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

Nov 14, 2018
It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products. This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important and one moderate and one low in severity. Two of the vulnerabilities patched by the tech giant this month are listed as publicly known at the time of release, and one flaw is reported as being actively exploited in the wild by multiple cybercriminal groups. Zero-Day Vulnerability Being Exploited by Cyber Criminals The zero-day vulnerability, tracked as CVE-2018-8589 , which is being exploited in the wild by multiple advanced persistent threat groups was first spotted and reported by security researchers from Kaspersky Labs. The flaw resides in the Win32k component (win32k.sys), which if exploited successfully, could allow a malicious program to execute arbitrary code
Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Oct 25, 2022
Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827 , has been described as an out-of-bounds write issue in the Kernel, which could be abused by a rogue application to execute arbitrary code with the highest privileges. Successful exploitation of out-of-bounds write flaws, which typically occur when a program attempts to write data to a memory location that's outside of the bounds of what it is allowed to access, can result in corruption of data, a crash, or execution of unauthorized code. The iPhone maker said it addressed the bug with improved bounds checking, while crediting an anonymous researcher for reporting the vulnerability. As is usually the case with actively exploited zero-day flaws, Apple refrained from sharing more specifics about the shortcoming other than acknowledging that it's "aware of a report that this i
Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild

Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild

Feb 02, 2015
Warning for Adobe users! Another zero-day vulnerability has been discovered in Adobe Flash Player   that is actively being exploited by cyber crooks in drive-by download attacks, security researchers warned today. This is for the third time in last few weeks when Adobe is dealing with a zero day vulnerability in Flash Player. The Adobe Flash Player Vulnerability identified as CVE-2015-0313 , exists in the latest version of Flash Player, i.e. version 16.0.0.296 and earlier. In late January, Adobe released an updated version of its Flash player software that patches zero-day vulnerability, tracked as CVE-2015-0311 , spotted by French security researcher Kafeine. This Adobe Flash Player Vulnerability was also being actively exploited via Malvertisement and drive-by-download attacks. In case of a "drive-by-download" attack, an attacker downloads a malicious software to a victim's computer without their knowledge or explicit consent. As a result, the flaw cou
Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild

Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild

Oct 15, 2014
As part of monthly patch update, Microsoft released eight security bulletins on Tuesday that address dozens of vulnerabilities including a zero-day flaw reportedly being exploited by Russian hackers to target NATO computers and a pair of zero-day Windows vulnerabilities that attackers have been exploiting to penetrate major corporations' networks. Just a day before yesterday, our team reported you about a Zero-day vulnerability discovered by the cyber intelligence firm iSight Partners affecting all supported versions of Microsoft Windows and is being exploited in a five-year old cyber-espionage campaign against the Ukrainian government and U.S organisations. Researchers at FireEye found two zero-day flaws, used in separate, unrelated attacks involving exploitation of Windows kernel, just a day after iSight partners disclosed zero-day in Windows. The pair of zero-day vulnerabilities could allow an attacker to access a victim's entire system. According to the res
Microsoft Releases Patches for 60 Flaws—Two Under Active Attack

Microsoft Releases Patches for 60 Flaws—Two Under Active Attack

Aug 14, 2018
Get your update caps on. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for August 2018, patching a total of 60 vulnerabilities, of which 19 are rated as critical. The updates patch flaws in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio. Two of these vulnerabilities patched by the tech giant is listed as publicly known and being exploited in the wild at the time of release. According to the advisory released by Microsoft, all 19 critical-rated vulnerabilities lead to remote code execution (RCE), some of which could eventually allow attackers to take control of the affected system if exploited successfully. Besides this, Microsoft has also addressed 39 important flaws, one moderate and one low in severity. Here below we have listed brief details of a few critical and publically exploited important vulnerabilities: Internet Explorer Memory Co
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

Jan 19, 2024 Cyber Theat / Zero-Day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday  added  a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities ( KEV ) catalog, stating it's being actively exploited in the wild. The vulnerability in question is  CVE-2023-35082  (CVSS score: 9.8), an authentication bypass that's a patch bypass for another flaw in the same solution tracked as CVE-2023-35078 (CVSS score: 10.0), which was actively exploited in attacks targeted Norwegian government entities as a zero-day in April 2023. "If exploited, this vulnerability enables an unauthorized, remote (internet-facing) actor to potentially access users' personally identifiable information and make limited changes to the server," Ivanti  noted  in August 2023. All versions of Ivanti Endpoint Manager Mobile (EPMM) 11.10, 11.9 and 11.8, and MobileIron Core 11.7 and below are impacted by the vulnerability. Cyb
Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities

Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities

Aug 04, 2023 Software Security / Cyber Theat
A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. "In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," cybersecurity and intelligence agencies from the Five Eyes nations, which comprises Australia, Canada, New Zealand, the U.K., and the U.S.,  said  in a joint alert. The continued weaponization of  CVE-2018-13379 , which was also one among the most exploited bugs in  2020  and  2021 , suggests a failure on the part of organizations to apply patches in a timely manner, the authorities said. "Malicious cyber actors likely prioritize developing exploits for severe and globally prevalent CVEs," according to the advisory. "While sophisticated actors also develop tools to exploit other vulnerabilities, developing exploits for cri
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

Oct 21, 2023 Zero-Day / Vulnerability
Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a  malicious Lua-based implant  on susceptible devices. Tracked as  CVE-2023-20273  (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 (CVSS score: 10.0) as part of an exploit chain. "The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination," Cisco  said  in an updated advisory published Friday. "This allowed the user to log in with normal user access." "The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system," a shortcoming that has been assigned the identifier CVE-2023-20273. A Cisco spokesperson told The Hacker News that a fix that cove
Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw

Feb 11, 2022
Apple on Thursday released security updates for  iOS, iPadOS ,  macOS , and  Safari  to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web browser and could be exploited by a piece of specially crafted web content to gain arbitrary code execution.  "Apple is aware of a report that this issue may have been actively exploited," the company said in a terse statement acknowledging in-the-wild attacks leveraging the flaw. The iPhone maker credited an anonymous researcher for discovering and reporting the flaw, adding it remediated the issue with improved memory management. The updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th
Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit

Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit

Apr 12, 2023 Patch Tuesday / Software Updates
It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix  a total of 97 flaws  impacting its software, one of which has been actively exploited in ransomware attacks in the wild. Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. Interestingly, 45 of the shortcomings are remote code execution flaws, followed by 20 elevation of privilege vulnerabilities. The updates also follow fixes for 26 vulnerabilities in its Edge browser that were released over the past month. The security flaw that's come under active exploitation is  CVE-2023-28252  (CVSS score: 7.8), a privilege escalation bug in the Windows Common Log File System (CLFS) Driver. "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said in an advisory, crediting researchers Boris Larin, Genwei Jiang, and Quan Jin for reporting the issue. CVE-2023-28252 is the fourth privilege escalation
Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks

Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks

May 04, 2021
Apple on Monday released security updates for  iOS ,  macOS , and  watchOS  to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. The weaknesses all concern WebKit, the browser engine which powers Safari and other third-party web browsers in iOS, allowing an adversary to execute arbitrary code on target devices. A summary of the three security bugs are as follows - CVE-2021-30663:  An integer overflow vulnerability that could be exploited to craft malicious web content, which may lead to code execution. The flaw was addressed with improved input validation. CVE-2021-30665:  A memory corruption issue that could be exploited to craft malicious web content, which may lead to code execution. The flaw was addressed with improved state management. CVE-2021-30666:  A buffer overflow vulnerability that could be exploited to craft malicious web content, which may lead to code execution. The flaw was addr
U.S. Cybersecurity Agency Lists 2021's Top 15 Most Exploited Software Vulnerabilities

U.S. Cybersecurity Agency Lists 2021's Top 15 Most Exploited Software Vulnerabilities

Apr 28, 2022
Log4Shell ,  ProxyShell ,  ProxyLogon ,  ZeroLogon , and flaws in  Zoho ManageEngine AD SelfService Plus ,  Atlassian Confluence , and  VMware vSphere Client  emerged as some of the top exploited security vulnerabilities in 2021. That's according to a " Top Routinely Exploited Vulnerabilities " report released by cybersecurity authorities from the Five Eyes nations Australia, Canada, New Zealand, the U.K., and the U.S. Other frequently weaponized flaws included a remote code execution bug in Microsoft Exchange Server ( CVE-2020-0688 ), an arbitrary file read vulnerability in Pulse Secure Pulse Connect Secure ( CVE-2019-11510 ), and a path traversal defect in Fortinet FortiOS and FortiProxy ( CVE-2018-13379 ). Nine of the top 15 routinely exploited flaws were remote code execution vulnerabilities, followed by two privilege escalation weaknesses, and one each of security feature bypass, arbitrary code execution, arbitrary file read, and path traversal flaws. "G
Cybersecurity Resources