Geek Feed

18-year-old security flaw in Firefox and Chrome exploited in attacks

August 9, 2024August 9, 2024 geekfeed0Tagged 0day, Browser, exploit, Firefox, google chrome, Internet, network, Safari, vulnerability, web browser

A vulnerability disclosed 18 years ago, dubbed “0.0.0.0 Day”, allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network. However, it should be noted that this only affects Linux and macOS devices, and does not work on Windows. For impacted devices, threat actors […]

6 mins read

Critical Progress WhatsUp RCE flaw now under active exploitation

August 7, 2024August 7, 2024 geekfeed0Tagged Actively Exploited, exploit, poc, Proof of Concept, rce, Remote Code Execution, WhatsUp, WhatsUp exploit, WhatsUp Gold

Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. The vulnerability leveraged in these attacks is CVE-2024-4885, a critical-severity (CVSS v3 score: 9.8) unauthenticated remote code execution flaw impacting Progress WhatsUp Gold 23.1.2 and older. Proof-of-concept (PoC) exploits for CVE-2024-4885 are […]

3 mins read

Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault

August 7, 2024August 7, 2024 geekfeed0Tagged Bug Bounty, Bug Bounty Program, mobile, rce, Reward, samsung, samsung galaxy

Samsung has launched a new bug bounty program for its mobile devices with rewards of up to $1,000,000 for reports demonstrating critical attack scenarios. The new ‘Important Scenario Vulnerability Program (ISVP)’ program focuses on vulnerabilities related to arbitrary code execution, the unlocking of devices, data extraction, arbitrary application installation, and bypassing device protections. Highlighted payouts […]

2 mins read

Google fixes Android kernel zero-day exploited in targeted attacks

August 6, 2024August 6, 2024 geekfeed0Tagged android, google, Kernel, Zero-Day

Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. The zero-day, tracked as CVE-2024-36971, is a use after free (UAF) weakness in the Linux kernel’s network route management. It requires System execution privileges for successful exploitation and allows altering the behavior of certain network connections. Google says that “there […]

2 mins read

WhatsApp for Windows lets Python, PHP scripts execute with no warning

July 28, 2024August 8, 2024 geekfeed0Tagged 0-day, Attachments, Python, Remote Code Execution, WhatsApp, Zero-Day

A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. For the attack to be successful, Python needs to be installed, a prerequisite that may limit the targets to software developers, researchers, and power users. The problem […]

5 mins read

Critical ServiceNow RCE flaws actively exploited to steal credentials

July 26, 2024July 26, 2024 geekfeed0Tagged rce, rce vulnerability, Remote Code Execution, ServiceNow, vulnerability

Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. This malicious activity was reported by Resecurity, which, after monitoring it for a week, identified multiple victims, including government agencies, data centers, energy providers, and software development firms. Although the vendor released security updates […]

2 mins read

MHTML Exploited By APT Group Void Banshee

July 17, 2024July 17, 2024 geekfeed0Tagged CVE-2024-38112, exploit, mhtml, microsoft, rce vulnerability, windows

Security experts have uncovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-38112, within the MHTML protocol handler. This vulnerability, dubbed ZDI-CAN-24433, was reported from CVE-2024-38112 to Microsoft upon discovery (and later patched by the tech giant), with evidence suggesting it was actively exploited by the advanced persistent threat (APT) group Void Banshee. Known […]

2 mins read

Microsoft Fixes Four Zero-Days in July Patch

July 14, 2024July 14, 2024 geekfeed0Tagged CVE-2024-35264, CVE-2024-37985, CVE-2024-38080, CVE-2024-38112, microsoft, patch, windows, zero day

Sysadmins have a busy time ahead this month after Microsoft issued updates for over 140 CVEs, including four zero-day vulnerabilities. The zero-days are as follows: RCE Vulnerabilities Microsoft patched five critical RCE vulnerabilities in this July’s Patch Tuesday. First, a SharePoint vulnerability CVE-2024-38023 has been identified. “[It] could allow an authenticated attacker with site owner […]

2 mins read

Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability

July 13, 2024July 13, 2024 geekfeed0Tagged CVE-2024-30103, CVE-2024-38021, cybersecurity, exploit, microsoft, microsoft outlook, outlook, rce flaw, vulnerability

Security researchers have uncovered a critical vulnerability, CVE-2024-38021, affecting most Microsoft Outlook applications. This zero-click remote code execution (RCE) vulnerability, now patched by Microsoft, did not require any authentication, setting it apart from the previously discovered CVE-2024-30103, which required at least an NTLM token. If exploited, CVE-2024-38021 could lead to data breaches, unauthorized access and […]

1 min read

PHP bug executes RCEs, cryptominers and DDoS attacks

July 13, 2024July 13, 2024 geekfeed0Tagged cryptominers, CVE-2024-4577, ddos, gh0st rat, malware, php, rce

Not long after a new PHP bug was disclosed in the late spring, Akamai researchers observed numerous attempts to exploit the vulnerability, which they said indicates high exploitability and quick adoption by threat actors. Because PHP is one of the most popular server-side scripting languages used to create dynamic web pages on more than 75% […]

2 mins read