HKCERT News
- VMware warns admins to patch ESXi servers, disable OpenSLP service (February 6, 2023): VMware warned customers today to install the latest security updates and disable the OpenSLP service targeted in a large-scale campaign of ransomware attacks against Internet-exposed and vulnerable ESXi servers. […]
- Researcher breaches Toyota supplier portal with info on 14,000 partners (February 6, 2023): Toyota's Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who responsibly reported the issue to the company. […]
- VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree (February 6, 2023): VMware on Monday said it found no evidence that threat actors are leveraging an unknown security flaw, i.e., a zero-day, in its software as part of an ongoing ransomware attack spree worldwide. "Most reports state that End of General Support...
- Exploit released for RCE zero-day vulnerability in GoAnywhere MFT (February 6, 2023): Exploit code has been released for a zero-day remote code execution vulnerability affecting Internet-exposed GoAnywhere MFT administrator consoles. […]
- New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers (February 3, 2023): VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team...
- Bermuda hit by major internet and power outage (February 3, 2023): Bermuda experienced a widespread power outage on Friday which impacted the island's internet and phone services. Calling it a "serious incident" at BELCO, the Bermudian power supplier, the government has advised customers to "unplug all sensitive electrical equipment" as crews work...
- LockBit ransomware goes 'Green,' uses new Conti-based encryptor (February 1, 2023): The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware. […]
- Google Fi data breach let hackers carry out SIM swap attacks (February 1, 2023): Google Fi, Google's U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its primary network providers, with some customers warned that it allowed SIM swapping attacks. […]
- PoS malware can block contactless payments to steal credit cards (January 31, 2023): New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware. […]
- Over 29,000 QNAP devices unpatched against new critical flaw (January 31, 2023): Tens of thousands of QNAP network-attached storage (NAS) devices exposed online are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. […]
HKCERT
- Google Chrome Multiple Vulnerabilities (February 8, 2023): Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, privilege escalation, security restriction bypass, denial of service and sensitive information disclosure on the targeted system. Impact: Remote Code Execution, Information Disclosure, Denial of Service, Elevation of Privilege, Security Restriction Bypass. System / Technologies affected: […]
- IBM MQ Denial of Service Vulnerability (February 7, 2023): A vulnerability has been identified in IBM MQ. A remote user can exploit this vulnerability to trigger denial of service condition on the targeted system. Impact: Denial of Service. System / Technologies affected: IBM MQ 9.2 LTS, IBM MQ 9.3 LTS, IBM MQ 9.2 CD, IBM MQ 9.3 CD. Solutions: Before installation of the software, […]
- SUSE Linux Kernel Multiple Vulnerabilities (February 7, 2023): Multiple vulnerabilities were identified in SUSE Linux. An attacker could exploit some of these vulnerabilities to trigger denial of service condition and elevation of privilege on the targeted system. [Updated on 2023-02-08] Updated System / Technologies affected, Solutions, Vulnerability Identifier and... Impact: Denial of Service, Elevation of Privilege. System / Technologies affected: SUSE Linux […]
- ChromeOS Multiple Vulnerabilities (February 7, 2023): Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system. Impact: Remote Code Execution, Denial of Service. System / Technologies affected: Version prior to LTS-102, 102.0.5005.196 (Platform Version: 14695.1782.0). Solutions: Before installation of the software, please […]
- Android Multiple Vulnerabilities (February 7, 2023): Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system. Impact: Denial of Service, Elevation of Privilege, Information Disclosure. System / Technologies affected: Android security patch level prior to 2023-02-05. Solutions: Before installation of […]
- OpenSSH Multiple Vulnerabilities (February 7, 2023): Multiple vulnerabilities were identified in OpenSSH. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system. Impact: Denial of Service, Remote Code Execution. System / Technologies affected: Version prior to OpenSSH 9.1. Solutions: Before installation of the software, please visit the vendor web-site […]
- Microsoft Edge Data Manipulation Vulnerability (February 6, 2023): A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger data manipulation on the targeted system. Note: Proof Of Concept Exploit Code is Publicly Available for CVE-2023-21720. Impact: Data Manipulation. System / Technologies affected: Microsoft Edge prior to 109.0.1518.78. Solutions: Before installation of the software, please visit the […]
- [Security Blog] How to Mitigate New Cyber Security Risks Arising from the Growing Use of Technology in Industrial Operations (February 5, 2023): In recent years, more enterprises and public utilities are leveraging 5G and Internet of Things (IoT) technologies to connect their industrial operation technology (OT) systems to the information technology (IT) systems or the Internet. This enables the operation data of factory machines...
- F5 Products Multiple Vulnerabilities (February 3, 2023): Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service and remote code execution on the targeted system. Impact: Denial of Service, Remote Code Execution. System / Technologies affected: BIG-IP 17.0.0, 16.1.0 - 16.1.3, 15.1.0 - 15.1.8, 14.1.0 - 14.1.5, 13.1.0 - 13.1.5 […]
- IBM WebSphere Application Server Remote Code Execution Vulnerability (February 2, 2023): A vulnerability was identified in IBM WebSphere Application Server. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system. Impact: Remote Code Execution. System / Technologies affected: IBM WebSphere Application Server version 9.0, IBM WebSphere Application Server version 8.5. Solutions: Before installation of the software, please visit the vendor web-site for […]