Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Ro…

Attackers are attempting to exploit critical F5 BIG-IP RCE

Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP multi-purpose networking devices/modules. Simultaneously, in-the-wild exploitation attempts have also been detected.

CVE-2022-1388 PoC exploits

Security researchers have started sharing evidence of their successful exploitation attempts of CVE-2022-1388 during the weekend:

#CVE-2022-1388 successfully exploited. pic.twitter.com/P04K4PJsAN — Matus Bursa #strongertogether (@BursaMatus) May 9, 2022

🔥 We have reproduced the fresh CVE-2022-1388 in F5’s BIG-IP. Successful exploitation could lead to RCE from …

The post Attackers are attempting to exploit critical F5 BIG-IP RCE appeared first on Help Net Security.


Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)

Veeam Software has patched two critical vulnerabilities (CVE-2022-26500, CVE-2022-26501) affecting its popular Veeam Backup & Replication solution, which could be exploited by unauthenticated attackers to remotely execute malicious code. Veeam Bac…

Ransomware attacks decrease, operators started rebranding

Positive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. However, there’s been an increase in the share of attacks against individuals, and also a rise in attacks invol…

External attackers can penetrate most local company networks

In 93% of cases, external attackers can breach the organization’s network perimeter and gain access to local network resources, and it takes an average of two days to penetrate the company’s internal network. In 100% of companies analyzed, an ins…

Zoom patches vulnerabilities in its range of conferencing apps

Zoom has patched vulnerabilities in its range of local solutions for conferences, negotiations and recordings – Zoom Meeting Connector Controller, Zoom Virtual Room Connector, Zoom Recording Connector and others. The errors identified by Positive…

Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)

Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw (CVE-2021-0146) enables testing or debugging modes on multiple Intel processor lines, which could allow an unauthorized user with p…

77% of rootkits are used for espionage purposes

In a new report, Positive Technologies analyzes this past decade’s most infamous families of rootkits – programs that hide the presence of malicious software or traces of intrusion in victim systems. The study finds that the majority of roo…

Commerce Department blacklists controversial spyware company NSO Group

The Commerce Department Wednesday added two Israeli spyware companies, NSO Group and Candiru, to its entity list of companies that pose a national security and foreign policy risk to the United States. The designation accuses both NSO Group and Candiru of having “developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, business people, activists, academics, and embassy workers.” Inclusion on the list enacts stringent licensing requirements for exports to designated companies from U.S. businesses. Companies previously included on the list include Chinese firm Huawei, which the U.S. government has flagged as posing a risk to Americans’ data. Also added to the entity list Wednesday were Russia-based Positive Technologies and Singapore-based Computer Security Initiative. The Commerce Department accused the two companies of trafficking “cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide.” The […]

The post Commerce Department blacklists controversial spyware company NSO Group appeared first on CyberScoop.


Ransomware attack levels soaring, now accounting for 69% of all attacks involving malware

Ransomware attacks have reached ‘stratospheric’ levels in Q2 2021, now accounting for 69% of all attacks involving malware. That is among the most disturbing findings in the latest report from Positive Technologies. The research also reveals that the vo…