A privilege escalation from Chrome extensions (2023)
https://0x44.xyz/blog/cve-2023-4369/
#HackerNews #privilegeEscalation #ChromeExtensions #CVE2023 #cybersecurity #hackernews
Cybersecurity alert! Protect your system from the Black Lotus vulnerability (CVE-2023-24932) targeting Secure Boot. Here's what admins need to know to safeguard their devices. Don't wait until it's too late. Learn how to act now #CyberSecurity #InfoSec #CVE2023
https://pupuweb.com/how-to-protect-your-system-from-black-lotus-vulnerability-cve-2023-24932/
Foxit PDF Reader Users Targeted by Malicious PDF Exploit
Date: May 15, 2024
CVE: CVE-2023-36033
Vulnerability Type: Remote Code Execution (RCE)
CWE: [[CWE-20]], [[CWE-78]], [[CWE-94]]
Sources: GBHackers, Checkpoint Research
Issue Summary
Researchers have identified a critical vulnerability in Foxit PDF Reader that allows attackers to execute malicious code on users' systems by exploiting a design flaw in the application's security warnings. The flaw makes it easy for attackers to trick users into approving malicious actions, leading to unauthorized access and data theft.
Technical Key Findings
The vulnerability stems from Foxit Reader's handling of security warnings, which default to an "OK" option. This flaw enables attackers to craft malicious PDFs that, when opened, prompt the user to approve actions unknowingly. Once approved, these actions can download and execute malicious code from a remote server, bypassing standard security detections.
Vulnerable Products
Impact Assessment
Exploitation of this vulnerability can lead to severe consequences, including unauthorized access to sensitive data, remote control of the affected device, and the ability to deploy various malware such as VenomRAT, Agent-Tesla, and others. This can result in data breaches, espionage, and further propagation of malware.
Patches or Workarounds
Foxit has acknowledged the issue and stated that it would be resolved in version 2024 3.
Tags
#FoxitPDF #CVE2023-36033 #RemoteCodeExecution #Malware #CyberSecurity #APT #VulnerabilityPatch #DataBreach
Addressing the Ivanti Pulse Secure Vulnerability: A Call to Action Against Emerging Cyber Threats
https://zurl.co/IQTd
#Cybersecurity #InfoSec #IvantiPulseSecure #CVE2023 #CVE2024 #MiraiBotnet #NetworkSecurity #CyberAttack #DataProtection #SOClogix
The cybersecurity landscape is facing a significant threat from a newly disclosed set of vulnerabilities in Ivanti Pulse Secure systems. Juniper Threat Labs' recent findings have highlighted active exploitation attempts, including the delivery of Mirai botnets, posing a grave risk to network securit
"Critical OpenShift Update - Securing Kubernetes Deployments"
Red Hat has released a critical update for OpenShift Container Platform 4.12.51, addressing multiple security vulnerabilities and enhancing stability. This update patches several security issues, including a notable path traversal and RCE vulnerability in go-git (CVE-2023-49569) and a DoS risk in go-git clients (CVE-2023-49568). Users are urged to apply this critical update to maintain system security and integrity.
Tags: #OpenShift #RedHat #CyberSecurity #Kubernetes #PatchTuesday #CVE2023
Read more about the update: RHSA-2024:1052
"Juniper Secure Analytics Patch Alert - CVE-2023-37920 Leads the Charge with a CVSS 9.8 Rating!"
Juniper Networks has issued a critical update for Juniper Secure Analytics (JSA), patching multiple vulnerabilities, with CVE-2023-37920 standing out with a CVSS score of 9.8. These flaws span various components and could lead to severe consequences including unauthorized access and denial of service. Users are urged to update to 7.5.0 UP7 IF05 to mitigate these risks.
Tags: #CyberSecurity #JuniperNetworks #VulnerabilityManagement #PatchTuesday #InfoSec #NetworkSecurity #CVE2023
For more details, visit the Juniper Support Portal.
"Critical RCE Flaw Uncovered in SolarWinds Access Rights Manager #CVE2023-40057"
A newly discovered deserialization vulnerability in SolarWinds Access Rights Manager (versions up to 2023.2.2) poses a severe risk, enabling remote code execution. Classified as very critical with a CVSS score of 8.9, this flaw (CVE-2023-40057) could allow authenticated users to execute arbitrary code remotely. Despite its high impact on confidentiality, integrity, and availability, no exploit is currently available. The vulnerability underscores the importance of validating deserialized data to prevent unauthorized access. No mitigation measures have been identified yet, emphasizing the need for heightened vigilance and potential product alternatives.
Stay informed: CVE-2023-40057 Details
Tags: #CyberSecurity #Vulnerability #SolarWinds #RemoteCodeExecution #RCE #Deserialization #CVE2023-40057 #InfoSec
"CVE-2023-28807 - Domain Fronting Evasion in ZIA"
An evasion technique, identified as CVE-2023-28807, allows attackers to bypass Zscaler Internet Access (ZIA)'s domain fronting detection by exploiting a mismatch between Connect Host and Server Name Indication (SNI) in Client Hello messages. The vulnerability exploits how ZIA handles the SNI field during the TLS handshake process. The SNI is intended to indicate which host the client wants to connect to within a shared hosting environment, allowing the server to present the correct certificate for that host. However, due to this vulnerability, an attacker can manipulate the SNI in such a way that the security mechanisms fail to correctly identify and filter malicious traffic, enabling the attacker to hide malicious activities within what appears to be legitimate traffic.
This vulnerability was discovered and addressed by Zscaler. Users are urged to upgrade to version 6.2r.290 to mitigate this risk.
Tags: #Cybersecurity #CVE2023 #DomainFronting #Zscaler #NetworkSecurity #EvasionTechniques #MITREATTACK MITRE - T1587.003
"#GitLabSecurityAlert - Multiple Critical Vulnerabilities Patched in GitLab"
GitLab has released critical updates (16.7.2, 16.6.4, 16.5.6) addressing several security vulnerabilities, including a critical account takeover flaw and a Slack/Mattermost integration exploit. Users are urged to update immediately.
1. The most severe, CVE-2023-7028, allowed password reset emails to be sent to unverified addresses (CVSS 10.0).
2. CVE-2023-5356 permitted unauthorized execution of slash commands in Slack/Mattermost integrations (CVSS 9.6).
3. CVE-2023-4812 involved bypassing CODEOWNERS approval in merge requests (CVSS 7.6).
4. CVE-2023-6955, a medium severity issue, related to improper access control in GitLab Remote Development (CVSS 6.6).
5. The least critical, CVE-2023-2030, allowed alteration of metadata in signed commits (CVSS 3.5).
Kudos to the security researchers (@asterion04, @yvvdwf, @ali_shehab, @lotsofloops on HackerOne) and GitLab's @j.seto for identifying these issues. Stay secure, folks!
Source: GitLab Release Notes
Author: Greg Myers
Tags: #Cybersecurity #Vulnerability #GitLab #CVE2023 #PatchUpdate #InfoSec #HackerOne #DevSecOps
"iPhone Triangulation: A New Era in Hardware-Level Cyber Espionage"
Kaspersky's recent findings reveal a concerning truth in the world of cyber warfare. They've named it "Operation Triangulation." This spyware campaign, active since 2019, hijacks iPhones using four zero-day vulnerabilities, including CVE-2023-41990, CVE-2023-32434, CVE-2023-32435, and CVE-2023-38606. The technical report on "Operation Triangulation: The Last Hardware Mystery" reveals a sophisticated cyberattack targeting iPhones. This attack utilized a zero-click iMessage exploit involving four zero-days, capable of affecting iOS versions up to 16.2.
The exploit chain began with a malicious iMessage attachment exploiting the CVE-2023-41990 vulnerability in an undocumented TrueType font instruction. This led to privilege escalation through a complex JavaScript exploit, leveraging the JavaScriptCore debugging feature and an integer overflow vulnerability (CVE-2023-32434) for broader access.
A key aspect of this attack was bypassing hardware-based security in recent iPhone models using a hardware feature of Apple-designed SoCs, mitigated as CVE-2023-38606. The exploit's sophistication and ability to circumvent advanced hardware-based protections leave us with the big question: since this feature is not used by the firmware, how did the attackers know how to take advantage of it?
#CyberSecurity #InfoSec #iPhoneTriangulation #ZeroDay #CVE2023 #AppleSecurity #HardwareExploits #Kaspersky #BleepingComputer
Sources: