Cisco Talos

Researchers discover EIP Stack Group OpENer information disclosure vulnerability

It is an out-of-bounds read vulnerability in the software that could allow an attacker to obtain sensitive information, cause a denial of service or carry out a distributed denial-of-service attack.

Necro Python bot adds new exploits and Tezos mining to its bag of tricks

Although the bot was first discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different C2 communications and the addition of new exploits for spreading.

Use-after-free vulnerability impacts WebKit browser engine

The WebKit browser engine contains a use-after-free flaw in its GraphicsContext function which could be triggered by a malicious web page to cause a potential information leak and memory corruption.

Multiple vulnerabilities discovered in Accusoft ImageGear

The vulnerabilities Talos discovered could allow an attacker to carry out various malicious actions, including corrupting memory on the victim machine and executing code remotely.

Heap-based buffer overflow in Google Chrome could lead to code execution

Proper heap grooming can give an attacker full control of this heap overflow vulnerability (CVE-2021-21160), and as a result, could allow it to be turned into arbitrary code execution.

Information disclosure vulnerability spotted in macOS SMB server

The integer overflow vulnerability exists in the way macOS SMB server processes SMB3 compounded packets. An attacker could exploit this vulnerability by sending a specially crafted packet.

Transparent Tribe APT Expands its Windows Malware Arsenal with ObliqueRAT

Transparent Tribe, also known as APT36 and Mythic Leopard, continues to create fake domains mimicking legitimate military and defense organizations as a core component of their operations.

Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs

Lemon Duck remains relevant as the operators begin to target Microsoft Exchange servers, exploiting high-profile security vulnerabilities to drop web shells and carry out malicious activities.

Remote code execution vulnerabilities discovered in Cosori smart air fryer

CVE-2020-28592 and CVE-2020-28593 are remote code execution vulnerabilities that could allow an attacker to remotely inject code into the device to change temperatures, cooking times, and settings.

Vulnerability Spotlight: Multiple vulnerabilities in Synology DiskStation Manager

An attacker could exploit CVE-2021-26560, CVE-2021-26561, and CVE-2021-26562 with a man-in-the-middle technique to gain the ability to remotely execute code on the targeted device.
