Actualités – Page 344 – Guillaume BEAUPELLET

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue rendered services using the framework susceptible to credential leakage, which could

Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data

A new security flaw has been disclosed in the Google Cloud Platform’s (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. « The vulnerability could have enabled a malicious actor to escalate from a basic Cloud SQL user to a full-fledged sysadmin on a container, gaining access to internal GCP […]

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google’s Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android. The spyware, which is […]

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits

5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and the end service; these networks transmit sensitive data that […]

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances. The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006. The California-headquartered firm

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

A new strain of malicious software that’s engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There is no evidence that it has been put […]

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry

A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry. « The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices, » Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News. Targets include

Zyxel Issues Critical Security Patches for Firewall and VPN Products

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system. A brief description of the two issues […]

Cynet Protects Hospital From Lethal Infection

A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process of upgrading several expensive imaging systems that were still supported by Windows XP and Windows 7 machines. Cynet protections were in place on most of the Windows XP and Windows 7 machines during the upgrade […]

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim’s Microsoft Exchange Server with a « simple yet effective » backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the intrusion relied on email phishing as an initial access pathway, leading to […]