Alerts

Samba has released security updates to fix multiple vulnerabilities in versions 4.17.4, 4.16.8 and 4.15.13. The addressed vulnerabilities could allow the remote attacker to gain elevated privileges and take control of affected systems. Sample of addressed vulnerabilities: 1. Netlogon RPC Privilege Escalation (CVE-2022-38023): • CVSS: 8.1 • Attack Vector: Network • Attack Complexity: High • Privileges Required: […]

SolarWinds has released security updates to fix multiple vulnerabilities in the Serv-U FTP server. The addressed vulnerabilities could allow the remote attacker to gain access or cause a denial of service to the affected systems. Sample of the addressed vulnerabilities: 1. Cross-Site Scripting Vulnerability in Serv-U Web Client (CVE-2022-38106): • CVSS: 7.5 • Attack Vector: Network

Microsoft has released an updated Microsoft Edge version (108.0.1462.54) to fix multiple vulnerabilities in Microsoft Edge (Chromium-based). The addressed vulnerabilities could allow the remote attacker to execute arbitrary code or cause a denial of service by persuading the victim to visit a specially crafted webpage on the affected system. Sample of the addressed vulnerabilities: 1. Chromium code execution

VMware has released security updates to fix vulnerabilities in VMware vRealize Operations (vROps). The severity of the addressed vulnerabilities could allow the remote authenticated attacker to gain privilege or obtain information from the affected products via sending specially-crafted requests. VMware vRealize Operations (vROps) privilege escalation vulnerability (CVE- 2022-31707): • CVSS: 7.2 • Attack Vector: Network • Attack Complexity: low

Aruba has released security updates to fix vulnerabilities across multiple Aruba products. The severity of the addressed vulnerabilities could allow the remote attacker to execute code, obtain information, and bypass security controls. Samples of the addressed vulnerabilities: 1- Privilege Escalation Aruba EdgeConnect Enterprise Orchestrator Web-based Management Interface (CVE-2022-44535): • CVSS: 8.8 • Attack Vector: Network • Attack

Google has released an updated Chrome version (108.0.5359.124/.125) for Windows and (108.0.5359.124) for Mac and Linux to fix multiple vulnerabilities in its Chrome desktop web browser. The severity of the addressed vulnerability could allow the remote attacker to bypass security restrictions by creating a specially crafted web page to execute arbitrary code on the affected system. Sample of the

Cisco has released a security update to fix a vulnerability in Cisco Identity Services Engine (ISE). The addressed vulnerability could allow the remote authenticated attacker to traverse directories on the system; The attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to read or delete arbitrary files on the system. Cisco Identity Services Engine (ISE) directory

Mozilla has released security updates to fix vulnerabilities in Firefox 108 and Firefox ESR 102.6. The addressed vulnerabilities could allow the remote attacker to gain access to sensitive information, perform spoofing attacks, bypass security restrictions, execute arbitrary code and cause a denial of service attack on the affected products. Successful exploitation of these vulnerabilities may

VMware has released security updates to fix multiple vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to execute arbitrary code, obtain information and cause a denial of service attack on the affected products. Samples of the addressed vulnerabilities: 1- VMware ESXi memory corruption vulnerability (CVE-2022-31696): CVSS: 7.5 Attack Vector: Local Attack Complexity: High

DeathStalker targets Financial and legal entities in the Middle East with a new Janicab malware variant. Janicab was introduced as malware that runs on macOS and Windows operating systems. DeathStalker has leveraged several malware strains and delivery chains over the years, from the Python and Visual Basic-based Janicab to the PowerShell-based Powersing and the JavaScript-based Evilnum. The

Silence APT group targets financial institutions in several countries around the world through delivering TrueBot malware which leveraging of Netwrix Auditor critical RCE Bug and Raspberry Robin worm. TrueBot was first identified in 2017 as downloader malware, the main goal is to infect systems, collect information to help triage interesting targets, and deploy additional payloads. Security Researchers