Search
Items tagged with: vulnerability
#Windows #vulnerability reported by the #NSA exploited to install Russian #malware
When Microsoft patched the vulnerability in October 2022—at least two years after it came under #attack by the Russian hackers—the company made no mention that it was under active exploitation.
#patch #update #exploit #Russia #security #CyberSecurity #news #os #software #hack #hacker
Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now.Ars Technica
#CVE-2024-20356: #Jailbreaking a #Cisco appliance to run #DOOM
In this adventure, the Cisco #C195 device family was jailbroken in order to run unintended code. This includes the discovery of a vulnerability in the #CIMC body management controller which affects a range of different devices, whereby an authenticated high privilege user can obtain underlying root access to the server’s #BMC (CVE-2024-20356) which in itself has high-level access to various other components in the system. The end goal was to run DOOM – if a smart fridge can do it, why not Cisco?
source: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/
#software #security #bug #network #game #news #vulnerability #exploit #hack #hacker
CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM - LRQA Nettitude Labs
Exploiting remote code execution in Cisco's CIMC management system and jailbreaking the device to run untrusted codeAaron Thacker (LRQA Nettitude Labs)
🛑 Serious Backdoor in Linux 🛑
Check if you're on xz utils 5.6.0 or 5.6.1. You should probably downgrade...
e.g. Red Hat recommending immediate cease of using Fedora 40 / Fedora Rawhide: https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
Looks like Debian Stable & Ubuntu LTS is mostly fine by now? (thanks @penguingeek )
Debian nightlies and testing aren't:
https://security-tracker.debian.org/tracker/CVE-2024-3094
#security #Linux #vulnerability #ssh #debian #fedora #backdoor
Urgent security alert for Fedora Linux 40 and Fedora Rawhide users
Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access., (Red Hat)