Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- Hackers exploit Control Web Panel flaw to open reverse shells
January 12, 2023
Hackers are actively exploiting a critical vulnerability patched recently in Control Web Panel (CWP), a tool for managing servers formerly known as CentOS Web Panel. The security issue is identified as CVE-2022-44877 and received a critical severity score of 9.8 out of 10 as it allows an attacker to execute code remotely without authentication. On January 3, ...
- Juniper Networks Releases Security Updates for Multiple Products
January 12, 2023
Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Fortinet: Government networks targeted with now-patched SSL-VPN zero-day
January 12, 2023
Fortinet says unknown attackers exploited a FortiOS SSL-VPN zero-day vulnerability patched last month in attacks against government organizations and government-related targets. The security flaw (CVE-2022-42475) abused in these incidents is a heap-based buffer overflow weakness found in the FortiOS SSLVPNd that allowed unauthenticated attackers to crash targeted devices remotely or gain remote code execution. The network security ...
- Iowa’s largest city cancels classes due to cyber attack
January 9, 2023
Iowa’s largest school district cancelled classes for Tuesday after determining there was a cyber attack on its technology network. Des Moines Public Schools announced Monday that classes would be cancelled for its 33,000 students after being “alerted to a cyber security incident on its technology network.” The district said in a news release that it took its ...
- Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL
January 9, 2023
The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. While these tactics aren’t novel, Microsoft’s Defender for Cloud team reports they have seen an uptick lately, indicating that the threat actors are actively looking for specific entry points. Kinsing is a Linux malware with a ...
- Darknet drug markets move to custom Android apps for increased privacy
January 9, 2023
Online markets selling drugs and other illegal substances on the dark web have started to use custom Android apps for increased privacy and to evade law enforcement. Besides ordering, these apps allow shop clients to communicate with drug vendors and provide specific courier instructions for delivery. This new trend has been observed by analysts at Resecurity around ...