New Windows zero-day exposes NTLM credentials, gets unofficial patch
A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer.
The flaw was discovered by the 0patch team, a platform that provides unofficial support for end-of-life Windows versions, and was reported to Microsoft. However, no official fix has been released yet.
According to 0patch, the issue, which currently has no CVE ID, impacts all Windows versions from Windows 7 and Server 2008 R2 up to the latest Windows 11 24H2 and Server 2022.
Source: BleepingComputer
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances.
The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing.
"From the VSPC management agent machine, under the condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine," Veeam said in an advisory.
Source: The Hacker News / BleepingComputer / Dark Reading / SecurityWeek
Link: https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html
Link: https://www.securityweek.com/veeam-warns-of-critical-vulnerability-in-service-provider-console/
Want to Grow Vulnerability Management into Exposure Management? Start Here!
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.
At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider et al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework.
Source: The Hacker News
Link: https://thehackernews.com/2024/12/want-to-grow-vulnerability-management.html
Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
A critical security vulnerability has been disclosed in SailPoint’s IdentityIQ identity and access management (IAM) software that allows unauthorized access to content stored within the application directory.
The flaw, tracked as CVE-2024-10905, has a CVSS score of 10.0, indicating maximum severity. It affects IdentityIQ versions 8.2, 8.3, 8.4, and other previous versions.
IdentityIQ "allows HTTP access to static content in the IdentityIQ application directory that should be protected," according to a description of the flaw on NIST’s National Vulnerability Database (NVD).
The vulnerability has been characterized as a case of improper handling of file names that identify virtual resources (CWE-66), which could be abused to read otherwise inaccessible files.
Source: The Hacker News / SecurityWeek
Link: https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html
Link: https://www.securityweek.com/critical-vulnerability-discovered-in-sailpoint-identityiq/
Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP
Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges.
"These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality, integrity, and availability of the affected devices," cybersecurity company Nozomi Networks said in a Wednesday analysis.
Following responsible disclosure, the weaknesses have been addressed in the following firmware versions:
- 1.6.5 (for EKI-6333AC-2G and EKI-6333AC-2GD)
- 1.2.2 (for EKI-6333AC-1GPO)
Six of the identified 20 vulnerabilities have been deemed critical, allowing an attacker to obtain persistent access to internal resources by implanting a backdoor, trigger a denial-of-service (DoS) condition, and even repurpose infected endpoints as Linux workstations to enable lateral movement and further network penetration.
Source: The Hacker News
Link: https://thehackernews.com/2024/11/over-two-dozen-flaws-identified-in.html
Using Newly Surfaced Data Breaches for OSINT Research
Data breaches are an unfortunate reality for many websites, leading to leaked information often posted on dark web forums or discovered by security researchers. Before this data disappears or is removed, Data Breach Search Engines (DBSEs) gather, verify, and categorize it, making it accessible to people seeking to understand what information may have been compromised. DBSEs like Have I Been Pwned allow OSINT (open-source intelligence) investigators to enter an email address and see if it was used on a breached site, often revealing critical information about the target’s online footprint. These DBSEs serve as an important privacy service, allowing users to know if their information has been exposed and, in some cases, request its removal from these databases.
Source: Secjuice