Hacker News with Generative AI: Vulnerabilities

Over 660k Rsync servers exposed to code execution attacks (bleepingcomputer.com)
Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers.
Rsync vulnerabilities (openwall.com)
Two independent groups of researchers have identified a total of 6 vulnerabilities in rsync. In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on.
Oasis Security Research Team Discovers Microsoft Azure MFA Bypass (oasis.security)
Oasis Security's research team uncovered a critical vulnerability in Microsoft's Multi-Factor Authentication (MFA) implementation, allowing attackers to bypass it and gain unauthorized access to the user’s account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more. Microsoft has more than 400 million paid Office 365 seats, making the consequences of this vulnerability far-reaching.
AMD's trusted execution environment blown wide open by new BadRAM attack (arstechnica.com)
One of the oldest maxims in hacking is that once an attacker has physical access to a device, it’s game over for its security.
Analyzing an iOS vulnerability that could expose sensitive data to attackers (jamf.com)
Jamf Threat Labs has discovered a bypass vulnerability in the Transparency, Consent and Control (TCC) subsystem in iOS that fails to notify users when another application tries to access sensitive information such as photos, GPS location, contacts and more. Read on to learn more about our findings.
Working with PaloAlto to identify CVE-2024-2550 (ac3.com.au)
AC3 are a secure managed services provider focused on building, running and securing mission critical environments.
Synology patches unannounced multiple zero-day vulnerabilities (synology.com)
The vulnerability reported in ZDI-CAN-25403 allows remote attackers to execute arbitrary code.
7-Zip Remote Code Execution Vulnerability Analysis (CVE-2024-11477) [video] (youtube.com)
Listen to the whispers: web timing attacks that work (portswigger.net)
Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them.
Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (bleepingcomputer.com)
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04.
A new vulnerability on IPv6 parsing in linux (nist.gov)
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
D-Link won't fix critical flaw affecting 60k older NAS devices (bleepingcomputer.com)
More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit.
Google sees 68% drop in Android memory safety flaws over 5 years (bleepingcomputer.com)
The percentage of Android vulnerabilities caused by memory safety issues has dropped from 76% in 2019 to only 24% in 2024, representing a massive decrease of over 68% in five years.
Multiple new macOS sandbox escape vulnerabilities (jhftss.github.io)
In the macOS system, most processes are running in a restricted sandbox environment, whether they are Apple’s own services or third-party applications. Consequently, once an attacker gains Remote Code Execution (RCE) from these processes, their capabilities are constrained. The next step for the attacker is to circumvent the sandbox to gain enhanced execution capabilities and broader file access permissions.
Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (theregister.com)
Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert.
Almost Secure (2011) (debugmo.de)
Vulnerabilities are like good ideas - you’re rarely the first one dealing with it. Some vulnerabilities are almost classic, so I’ll proudly present: 7 old but surprisingly useful bugs that might also affect YOUR device.
Ancient Monkey: Pwning a 17-Year-Old Version of SpiderMonkey (pspaul.de)
Last year, @swapgs and I found a fun bug in the popular enterprise VPN solution Zscaler.
Attacking the Samsung Galaxy A* Boot Chain (quarkslab.com)
We discovered several vulnerabilities impacting the boot chain of several Samsung devices. Chained together, they allow us to execute code in the bootloader, get root access on Android with persistency, and finally leak anything from the Secure World's memory including the Android Keystore keys.
Firefox use-after-free RCE (nist.gov)
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
VSCode for Linux remote code execution vulnerability (github.com/microsoft)
There is a security vulnerability in the save elevated flow with specially crafted workspaces.
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame (theregister.com)
The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products are now being exploited, earning them places in its Known Exploited Vulnerabilities (KEV) catalog.
Mozilla fixes Firefox zero-day actively exploited in attacks (bleepingcomputer.com)
Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploited in attacks.
Systems used by courts and governments across US riddled with vulnerabilities (arstechnica.com)
Public records systems that courts and governments rely on to manage voter registrations and legal filings have been riddled with vulnerabilities that made it possible for attackers to falsify registration databases and add, delete, or modify official documents.
Bugs Found in CUPS (thestack.technology)
Details of several critical Linux vulnerabilities that the security community has been awaiting have landed – they involve bugs in CUPS, the Common UNIX Printing System.
9.9 Linux CVE (threadreaderapp.com)
Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
A 9.9 CVE has been announced for Linux (twitter.com)
Severe unauthenticated RCE flaw in GNU/Linux systems awaiting full disclosure (securityonline.info)
A critical security vulnerability affecting all GNU/Linux systems—and potentially others—has been identified by renowned security researcher Simone Margaritelli.
Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability (coffinsec.com)
The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-20017, assessed its impact and developed mitigation measures for the vulnerability.