Remote – Page 3 – OWASP Jakarta

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that’s vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out Read more

By adminowasp, 1 year ago May 6, 2024

News

Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution

Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked Read more

By adminowasp, 1 year ago April 2, 2024

News

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started Read more

By adminowasp, 1 year ago April 1, 2024

News

Popular Remote Desktop Software Mandates Password Reset

Popular Remote Desktop Software Mandates Password Reset Feb 03, 2024NewsroomCyber Attack / Software Security Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems. The German company said the incident, which it discovered following a security audit, Read more

By adminowasp, 1 year ago February 7, 2024

News

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks Jan 25, 2024NewsroomFileless Malware / Endpoint Security Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that’s distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware “has been Read more

By adminowasp, 1 year ago January 25, 2024

News

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans Dec 11, 2023NewsroomVulnerability / Espionage The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access Read more

By adminowasp, 2 years ago December 11, 2023

News

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability Dec 08, 2023NewsroomVulnerability / Website Security WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites. Read more

By adminowasp, 2 years ago December 8, 2023

News

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution Dec 06, 2023NewsroomSoftware Security / Vulnerability Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below – CVE-2022-1471 (CVSS score: 9.8) Read more

By adminowasp, 2 years ago December 6, 2023

News

BIG-IP Vulnerability Allows Remote Code Execution

BIG-IP Vulnerability Allows Remote Code Execution Oct 27, 2023NewsroomNetwork Security / Vulnerability F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS Read more

By adminowasp, 2 years ago November 5, 2023