#SoftwareVulnerability

N-gated Hacker News (ngate)
2025-05-07

🚨 Breaking News: In a shocking twist, a 403 Forbidden Error has been declared the latest software vulnerability, proving once again that bloat is the gift that keeps on giving. 🎉 Meanwhile, Varnish cache server's existential crisis deepens as it ponders its own forbidden existence. 🙈
spectrum.ieee.org/lean-softwar

2025-02-20

7-Zip Zero-Day Exploit Used in Ukraine Cyberattacks: Urgent Update Needed
Urgent: A 7-Zip Zero-Day Exploit was used in recent Ukraine cyberattacks. Malicious actors bypassed security using nested archives. Update your software immediately & practice safe computing habits.
tech-champion.com/info/7-zip-z

2024-06-08

A new critical security flaw (CVE-2024-4577) affecting all versions of PHP on Windows has been disclosed. This CGI argument injection vulnerability allows remote code execution by bypassing protections from a previous flaw (CVE-2012-1823).

Key Points:

- Impacts all PHP versions on Windows
- Allows argument injection and remote code execution
- Bypasses previous CVE-2012-1823 protections
- Affects XAMPP installations with specific locales by default
- Patches available in PHP 8.3.8, 8.2.20, and 8.1.29

Admins are urged to update #PHP immediately as exploitation attempts have already been detected. Switching to more secure solutions like Mod-PHP, FastCGI, or PHP-FPM is also recommended.

This simple yet critical bug highlights the importance of thorough security reviews and timely patching.

#PHPSecurity #CVE20244577 #RemoteCodeExecution #CyberSecurity #SoftwareVulnerability #WindowsOS #WebAppSecurity

HackerNews: thehackernews.com/2024/06/new-

Automated Software Engineering (AUSEJournal@mastodon.acm.org)
2024-02-28

Looking for something to read? We suggest "An extensive study of the effects of different deep learning models on code vulnerability detection in Python code" by Rongcun Wang, Senlei Xu, Xingyu Ji, Yuan Tian, Lina Gon, and Ke Wang.

Read the #AutomatedSoftwareEngineering article at link.springer.com/article/10.1 #DeepLearning #SoftwareVulnerability #Python

🛡 H3lium@infosec.exchange/:~# (H3liumb0y@infosec.exchange)
2023-10-31

"🚨 Lazarus Strikes Again: A Deep Dive into Their Latest Campaign 🚨"

The Lazarus group, known for its relentless cyber-espionage campaigns, has unveiled a new wave of attacks. This time, they compromised a software vendor through unpatched legitimate software. Despite available patches, many systems continued using the flawed software, making them easy prey for Lazarus. 🛡️💻

The group's modus operandi involved exploiting these software vulnerabilities and then deploying the SIGNBT malware using a DLL side-loading technique. This malware, SIGNBT, communicates with its C2 server and has a unique identifier, making it a signature Lazarus tool. Moreover, the group also deployed LPEClient, a tool previously seen in attacks on defense contractors and the cryptocurrency sector. 🌐🔗

Lazarus's tactics have evolved, now exploiting high-profile software vulnerabilities to spread their malware efficiently. Their targets span across industries, emphasizing their adaptability and determination. 🎯🌍

Source: Securelist - Unveiling Lazarus' New Campaign

Tags: #Lazarus #CyberSecurity #APT #SIGNBT #LPEClient #SoftwareVulnerability #CyberEspionage 🕵️‍♂️🔍🔐

MITRE ATT&CK - Lazarus

🛡 H3lium@infosec.exchange/:~# (H3liumb0y@infosec.exchange)
2023-09-27

"Google's Silent Amendment: A Tale of a Critical WebP Vulnerability 🕷️"

Google has discreetly updated a prior disclosure concerning a critical code-execution vulnerability, initially underplayed as affecting only Chrome, but now revealed to impact thousands of apps and software frameworks. The culprit is the libwebp code library, created by Google for rendering WebP images, which is embedded in numerous apps, operating systems, and code libraries, notably the Electron framework. The vulnerability, initially tagged as CVE-2023-4863, was reclassified as CVE-2023-5129 with a severity rating escalated to a perfect 10. The flaw could allow attackers to execute malicious code merely by tricking users into viewing a corrupted WebP image. It's a stark reminder to ensure your apps, especially those running on Electron versions v22.3.24, v24.8.3, or v25.8.1, are updated to dodge this bullet. 🛡️

Source: Ars Technica by Dan Goodin. Follow him on Twitter.

Tags: #Google #WebPVulnerability #CVE20234863 #CVE20235129 #CyberSecurity #CodeExecution #ElectronFramework #SoftwareVulnerability #InfoSec

Alexandre Dulaunoy (adulau@infosec.exchange)
2023-08-06

Visualizing vulnerability metrics by merely counting the CVEs per vendor might provide insights into vendors with robust vulnerability disclosure processes. However, it is essential not to overlook the significant blind spot represented by vendors who fail to report any CVEs at all.

It is crucial to consider the broader picture by acknowledging the existence of vendors who do not actively file any CVEs, potentially indicating deficiencies in their vulnerability management and disclosure procedures.

The challenge lies in quantifying unreported vulnerabilities and identifying vendors that fall into this category. How can we account for what has not been disclosed, and how do we go about identifying such vendors?

#cve #softwarevulnerability #infosec #vulnerability

2020-02-20

Critical Cisco Bug Opens Software Licencing Manager to Remote Attack - A default password would let anyone access the Cisco Smart Software Manager On-Prem Base platform,... more: threatpost.com/critical-cisco- #ciscosmartsoftwaremanageron-prembase #highavailabilityservice #softwarevulnerability #softwarelicensing #vulnerabilities #defaultpassword #cve-2020-3158 #criticalflaw #remoteattack #management #cisco
