Search results for remote code execution | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have disclosed multiple critical security flaws in the  TorchServe tool  for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems. Israel-based runtime application security company Oligo, which made the discovery, has coined the vulnerabilities  ShellTorch . "These vulnerabilities [...] can lead to a full chain Remote Code Execution (RCE), leaving countless thousands of services and end-users — including some of the world's largest companies — open to unauthorized access and insertion of malicious AI models, and potentially a full server takeover," security researchers Idan Levcovich, Guy Kaplan, and Gal Elbaz  said . The list of flaws, which have been addressed in  version 0.8.2 , is as follows - No CVE - Unauthenticated management interface API misconfiguration that binds it to 0.0.0.0 by default instead of localhost, making it accessible to external requests. CVE-2023-43654  (CVS

Ransomware operators such as Magniber and Vice Society are actively exploiting vulnerabilities in Windows Print Spooler to compromise victims and spread laterally across a victim's network to deploy file-encrypting payloads on targeted systems. "Multiple, distinct threat actors view this vulnerability as attractive to use during their attacks and may indicate that this vulnerability will continue to see more widespread adoption and incorporation by various adversaries moving forward," Cisco Talos  said  in a report published Thursday, corroborating an  independent analysis  from CrowdStrike, which observed instances of Magniber ransomware infections targeting entities in South Korea. While Magniber ransomware was first spotted in late 2017 singling out victims in South Korea through malvertising campaigns, Vice Society is a new entrant that emerged on the ransomware landscape in mid-2021, primarily targeting public school districts and other educational institutions.

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

This week you have quite a long list of updates to follow from Microsoft, Adobe as well as Firefox. Despite announcing plans to kill its monthly patch notification for Windows 10, the tech giant has issued its May 2015 Patch Tuesday , releasing 13 security bulletins that addresses a total of 48 security vulnerabilities in many of their products. Separately, Adobe has also pushed a massive security update to fix a total of 52 vulnerabilities in its Flash Player, Reader, AIR and Acrobat software. Moreover, Mozilla has fixed 13 security flaws in its latest stable release of Firefox web browser, Firefox 38, including five critical flaws. First from the Microsoft's side: MICROSOFT PATCH TUESDAY Three out of 13 security bulletins issued by the company are rated as 'critical', while the rest are 'important' in severity, with none of these vulnerabilities are actively exploited at this time. The affected products include Internet Explorer (IE),

Times to gear up your systems and software. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are rated Important, and one Moderate in severity. This month's security updates patch vulnerabilities in Microsoft Windows, Edge, Internet Explorer, MS Office, ChakraCore, .NET Framework, Microsoft.Data.OData, ASP.NET, and more. Four of the security vulnerabilities patched by the tech giant this month have been listed as "publicly known" and more likely exploited in the wild at the time of release. CVE-2018-8475: Windows Critical RCE Vulnerability One of the four publicly disclosed vulnerabilities is a critical remote code execution flaw ( CVE-2018-8475 ) in Microsoft Windows and affects all versions Windows operating system, including Windows 10. The Windows RCE vulnerability resides in the way Windows handles specially cra

Multiple security vulnerabilities have been disclosed in the  Exim mail transfer agent  that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114  (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability CVE-2023-42115  (CVSS score: 9.8) - Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2023-42116  (CVSS score: 8.1) - Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability CVE-2023-42117  (CVSS score: 8.1) - Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability CVE-2023-42118  (CVSS score: 7.5) - Exim libspf2 Integer Underflow Remote Code Execution Vulnerability CVE-2023-42119  (CVSS score: 3.1) - Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability The most severe of the vulnerabilities is CVE-2023-

It's time to gear up for the latest June 2018 Microsoft security patch updates. Microsoft today released security patch updates for more than 50 vulnerabilities, affecting Windows, Internet Explorer, Edge, MS Office, MS Office Exchange Server, ChakraCore, and Adobe Flash Player—11 of which are rated critical and 39 as important in severity. Only one of these vulnerabilities, a remote code execution flaw ( CVE-2018-8267 ) in the scripting engine, is listed as being publicly known at the time of release. However, none of the flaws are listed as under active attack. Discovered by security researcher Dmitri Kaslov, the publicly known vulnerability is a remote memory-corruption issue affecting Microsoft Internet Explorer. The flaw exists within the IE rendering engine and triggers when it fails to properly handle the error objects, allowing an attacker to execute arbitrary code in the context of the currently logged-in user. Microsoft has also addressed an important vulnera

Hey Webmasters, are you using Memcached to boost the performance of your website? Beware! It might be vulnerable to remote hackers. Three critical Remote Code Execution vulnerabilities have been reported in Memcached by security researcher Aleksandar Nikolich at Cisco Talos Group that expose major websites, including Facebook, Twitter, YouTube, Reddit, to hackers. Memcached is a fabulous piece of open-source distributed caching system that allows objects to be stored in memory. It has been designed to speed up dynamic web applications by reducing stress on the database that helps administrators to increase performance and scale web applications. Memcached is widely used by thousands upon thousands of websites, including popular social networking sites such as Facebook, Flickr, Twitter, Reddit, YouTube, Github, and many more. Nikolich says that he discovered multiple integer overflow bugs in Memcached that could be exploited to remotely run arbitrary code on the targeted s

Yahoo! was recently impacted by a critical web application vulnerabilities which left website's database and server vulnerable to hackers. A cyber security expert and penetration tester, Ebrahim Hegazy a.k.a Zigoo from Egypt , has found a serious SQL injection vulnerability in Yahoo's website that allows an attacker to remotely execute any commands on its server with Root Privileges. According to Hegazy blog post , the SQLi vulnerability resides in a domain of Yahoo! website i.e. https://innovationjockeys.net/tictac_chk_req.php . Any remote user can manipulate the input to the " f_id " parameter in the above URL, which could be exploited to extract database from the server. While pentesting, he found username and password ( encoded as Base64 ) of Yahoo!' admin panel stored in the database. He decoded the Administrator Password and successfully Logged in to the Admin panel. Furthermore, SQL injection flaw also facilitate the attacker to exploit Remote Cod

Microsoft's  Patch Tuesday update  for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others. Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as actively exploited, three of them are publicly known at the time of release. It's worth pointing out that Microsoft separately  addressed 21 flaws  in the Chromium-based Microsoft Edge browser earlier this month. All the three critical vulnerabilities remediated this month are remote code execution flaws impacting HEVC Video Extensions ( CVE-2022-22006 ), Microsoft Exchange Server ( CVE-2022-23277 ), and VP9 Video Extensions ( CVE-2022-24501 ). The Microsoft Exchange Server vulnerability, which was reported by researcher Markus Wulftange, is also noteworthy for the fact that it requires the attacker to be authenticated to be able to

Microsoft has patched a total of  74 flaws  in its software as part of the company's Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the company fixed last month. This comprises six Critical, 67 Important, and one Moderate severity vulnerabilities. Released along with the security improvements are two defense-in-depth updates for Microsoft Office ( ADV230003 ) and the Memory Integrity System Readiness Scan Tool ( ADV230004 ). The updates are also in addition to 30 issues addressed by Microsoft in its Chromium-based Edge browser since last month's Patch Tuesday edition and one side-channel flaw impacting certain processor models offered by AMD ( CVE-2023-20569  or  Inception ). ADV230003 concerns an already known security flaw tracked as  CVE-2023-36884 , a remote code execution vulnerability in Office and Windows HTML that has been actively exploited by the Russia-linked RomCom threat actor in attacks targeting Ukraine as well as pro-Ukr

Microsoft on Tuesday kicked off its first set of updates for 2022 by  plugging 96 security holes  across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "wormable" vulnerability. Of the 96 vulnerabilities, nine are rated Critical and 89 are rated Important in severity, with six zero-day publicly known at the time of the release. This is in addition to  29 issues  patched in Microsoft Edge on January 6, 2022. None of the disclosed bugs are listed as under attack. The patches cover a swath of the computing giant's portfolio, including Microsoft Windows and Windows Components, Exchange Server, Microsoft Office and Office Components, SharePoint Server, .NET Framework, Microsoft Dynamics, Open-Source Software, Windows Hyper-V, Windows Defender, and Windows Remote Desktop Protocol (RDP). Chief among them is  CVE-2022-21907  (CVSS score: 9.8), a remote code execution vulnerability rooted in the HTTP Protocol Stack. "In

Security researchers have discovered not one or two, but a total of seven security vulnerabilities in the popular open source Dnsmasq network services software, three of which could allow remote code execution on a vulnerable system and hijack it. Dnsmasq is a widely used lightweight network application tool designed to provide DNS (Domain Name System) forwarder, DHCP (Dynamic Host Configuration Protocol) server, router ads and network boot services for small networks. Dnsmasq comes pre-installed on various devices and operating systems, including Linux distributions such as Ubuntu and Debian, home routers, smartphones and Internet of Things (IoT) devices. A shodan scan for "Dnsmasq" reveals around 1.1 million instances worldwide. Recently, Google's security team reviewed Dnsmasq and discovered seven security issues, including DNS-related remote code execution, information disclosure, and denial-of-service (DoS) issues that can be triggered via DNS or DHCP. &q

Facebook has paid out its largest Bug Bounty ever of $33,500 to a Brazilian security researcher for discovering and reporting a critical Remote code execution vulnerability, which potentially allows the full control of a server. In September, ' Reginaldo Silva' found an XML External Entity Expansion vulnerability affecting the part of Drupal that handled OpenID, which allows attacker to read any files on the webserver. As a feature, Facebook allows users to access their accounts using OpenID in which it receives an XML document from 3rd service and parse it to verify that it is indeed the correct provider or not i.e. Receives at https://www.facebook.com/openid/receiver.php  In November 2013, while testing Facebook's ' Forgot your password ' functionality, he found that the OpenID process could be manipulated to execute any command on the Facebook server remotely and also allows to read arbitrary files on the webserver. In a Proof-of-Concept ,

As much as you protect your electronics from being hacked, hackers are clever enough at finding new ways to get into your devices. But, you would hope that once a flaw discovered it would at least be fixed in few days or weeks, but that's not always the case. A three-year-old security vulnerability within a software component used by more than 6.1 Million smart devices still remains unpatched by many vendors, thereby placing Smart TVs, Routers, Smartphones, and other Internet of Things (IoT) products at risk of exploit. Security researchers at Trend Micro have brought the flaw to light that has been known since 2012 but has not been patched yet. Remote Code Execution Vulnerabilities  Researchers discovered a collection of Remote Code Execution (RCE) vulnerabilities in the Portable SDK for UPnP , or libupnp component – a software library used by mobile devices, routers, smart TVs, and other IoT devices to stream media files over a network. The flaws occur du