
Showing posts with the label 0-Day Exploits

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert. Tracked as CVE-2020-11651 and CVE-2020-11652, the disclosed flaws could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments. The issues were fixed by SaltStack in a release published on April 29th. "We expect that any competent hacker will be able to create 100% reliable exploits for these issues in under 24 hours," F-Secure researchers had previously warned in an advisory last week. LineageOS, a maker of an open-source operating system based on Android, said it detected the intrusion on May 2nd at around 8 pm Pacific Time. "Around 8 pm PST on May 2nd, 2020, an attacker used a CVE in our SaltStack master to gain access to our infrastructure," the...

Hackers Exploiting Two 0-Day Bugs in DrayTek Routers & Creating A Backdoor in Enterprise Networks

Researchers observed two new hacker groups abusing two zero-day vulnerabilities in DrayTek routers to compromise enterprise network routers and perform a series of attacks. Recently we reported a similar attack in which hackers hijack home routers and change the DNS settings to implant malware via a malicious website. This is another new wave of attacks in which attackers use zero-day bugs to perform attacks including eavesdropping on the device's network traffic, running SSH services on high ports, creating system backdoor accounts, and implanting a specific malicious Web Session backdoor. The ongoing zero-day attack was initially disclosed on December 25, 2019, with an indicator of compromise (IOC), and it is highly weaponized in nature. 360 Netlab @360Netlab #0-day Since 2019-12-04 08:22:29 (UTC), we have been witnessing ongoing 0 day attack targeting a network CPE vendor (not the big players, but there are about ~100,000 devices online accor...

Over A Billion Microsoft Windows Users Would Be Affected If Not Patched Against These IE 0-Days & Other Vulnerabilities!!!

Microsoft released its February Patch Tuesday security update with fixes for 99 vulnerabilities that affected various Microsoft products, including an actively exploited Internet Explorer zero-day vulnerability. Microsoft recently achieved a big milestone of 1 billion Windows 10 users, and it issued the current security updates for all Windows 10 users. Out of the 99 vulnerabilities, Microsoft listed 12 under “Critical” severity and 87 as “Important” in severity. The February security release consists of security updates for the following software: Microsoft Windows; Microsoft Edge (EdgeHTML-based); Microsoft Edge (Chromium-based); ChakraCore; Internet Explorer; Microsoft Exchange Server; Microsoft SQL Server; Microsoft Office and Microsoft Office Services and Web Apps; Windows Malicious Software Removal Tool; Windows Surface Hub. This update fixed one of the notable actively exploited Internet Explorer zero-day vuln...