
Security Alerts


Incidents and Updates

25/11/2022 Update Chrome Browser!

Google's Chrome browser, with a global market share of a good 65 percent, has a buffer overflow in the GPU component. The zero-day vulnerability is already being exploited in the wild.

Chromium and Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also affected.

Users should update to version 107.0.5304.121/.122.

18/11/2022 Multiple Vulnerabilities in Zoom

Audinate, Dante Discovery, Zoom Rooms DLL Side Loading

mDNSResponder.exe is vulnerable to a DLL sideloading attack. The executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, an attacker could use the valid and legitimate executable to load malicious files.

Source: Checkpoint

The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user.

The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to root.

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being able to obtain meeting information such as in-meeting chat for the previous meeting attended from that local user account.

Source: Zoom Security bulletin

17/11/2022 WordPress wpForo Forum plugin <= 2.0.9 - Cross-Site Request Forgery (CSRF) vulnerability

Update the WordPress wpForo Forum plugin to the latest available version (at least 2.1.0).

Source: patchstack

15/11/2022 16,000 WordPress sites compromised in SEO malware campaign

Malware modifies WordPress core files. Visitors to these pages are redirected to questionable portals in order to increase their Google ranking. The attack vector is still unknown.

PublicWWW results show a list of affected sites.

Source: https://blog.sucuri.net/2...ign.html

14/11/2022 JTL is ending support for Gambio, Modified and Oxid shops.

According to JTL, there will be no more bug fixes or security updates at this point in time. JTL will no longer consider the special requirements of these connectors in the further development of JTL-Wawi.

The connectors should, however, continue to be available via GitHub.

9/11/2022 Microsoft Patchday

There are important security updates for Azure, Office, Windows & Co. Attackers are already attacking systems.

View Zero Day Initiative

3/11/2022 Google Play infested with malicious apps

Malwarebytes uncovered a set of four Android apps—created by the same developer—redirecting victims to infectious websites as part of an adware and information-stealing campaign.

Five malicious apps on the Google Play Store were found disseminating Vultur and SharkBot trojans. The apps had been downloaded 130,000 times.

The Play Store had removed 16 apps propagating Clicker. The Android malware had infected over 20 million users.

In September, researchers found 75 apps on Google Play and 10 on Apple’s App Store conducting ad fraud. The applications have been downloaded 13 million times.

Users are recommended to monitor their apps for malicious or suspicious activity.

Source: Cyware

3/11/2022 Fake download sites for SolarWinds, KeePass and PDF Reader Pro.

The RomCom RAT trojan is distributed via fake download sites for SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro.

Source: Hacker News

11/10/2022 Vulnerability in Zoom Clients allows session takeover

Affected: Zoom Client for Meetings for Android, iOS, Linux, macOS and Windows, Zoom VDI Windows Meeting Clients and Zoom Rooms for Conference Room for Android, iOS, Linux, macOS and Windows before version 5.12.2

Source: Zoom Security Bulletin

Powered by jazzy-software's siteEdit™ - © Jazzy-Software SLU 2022