Tag: injection

Abandoned AWS S3 buckets open door to remote code execution, supply-chain compromises

Feb 5, 2025 5:12 AM

Tags: access, advisory, antivirus, apt, attack, cisa, cloud, cybersecurity, finance, framework, government, iam, infrastructure, injection, Internet, linux, macOS, malicious, malware, military, network, open-source, programming, ransomware, remote-code-execution, risk, social-engineering, software, supply-chain, tool, update, windows

Code references to nonexistent cloud assets continue to pose significant security risks, and the problem is only growing. Recent research identified approximately 150 AWS S3 storage buckets once used by various software projects to host sensitive scripts, configuration files, software updates, and other binary artifacts that were automatically downloaded and executed on user machines.Because these…
New FUD Malware Targets MacOS, Evading Antivirus and Security Tools

Feb 4, 2025 2:12 PM

Tags: antivirus, control, cyber, framework, injection, macOS, malware, threat, tool

A new strain of Fully Undetectable (FUD) macOS malware, dubbed >>Tiny FUD,
AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access

Feb 4, 2025 11:12 AM

Tags: access, cve, cvss, flaw, injection, malicious, update, vulnerability

A security vulnerability has been disclosed in AMD’s Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions.The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity.”Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker…
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

Jan 29, 2025 6:36 PM

Tags: attack, cve, injection, update, vulnerability, zyxel

CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/29/zyxel-cpe-devices-under-attack-vulnerability-cve-2024-40891/
Hackers exploit critical unpatched flaw in Zyxel CPE devices

Jan 29, 2025 4:36 PM

Tags: cve, exploit, flaw, hacker, injection, vulnerability, zyxel

Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/
Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Jan 29, 2025 4:36 PM

Tags: access, ai, application-security, attack, best-practice, business, ciso, cloud, compliance, computing, control, cybersecurity, data, detection, finance, framework, google, governance, guide, infrastructure, injection, intelligence, lessons-learned, malicious, microsoft, mitigation, monitoring, office, openai, penetration-testing, privacy, risk, risk-assessment, risk-management, skills, software, strategy, supply-chain, technology, theft, threat, tool, training, unauthorized, vulnerability

[written together with Marina Kaganovich, Executive Trust Lead, Office of the CISO @ Google Cloud; originally posted here] In 2024, we shared our insights on how to approach generative AI securely by exploring the fundamentals of this innovative technology, delving into key security terms, and examining the essential policies needed for AI governance. We also discussed…
New Aquabot Malware Actively Exploiting Mitel SIP phones injection vulnerability

Jan 29, 2025 1:36 PM

Tags: botnet, cve, cyber, exploit, injection, intelligence, malware, phone, vulnerability

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered a novel variant of the Mirai-based botnet malware, dubbed Aquabotv3, actively targeting Mitel SIP phones via a critical vulnerability. This marks the third observed iteration of Aquabot, which now showcases unique capabilities not previously seen in Mirai derivatives. The malware exploits CVE-2024-41710, a command injection vulnerability…
Google’s Agentic AI Security Team Develops Framework to Combat Prompt Injection Attacks

Jan 29, 2025 12:36 PM

Tags: ai, attack, framework, google, injection

Google’s Agentic AI Security Team announced in a recent blog post that they have developed a new framework First seen on securityonline.info Jump to article: securityonline.info/googles-agentic-ai-security-team-develops-framework-to-combat-prompt-injection-attacks/
Attackers actively exploit a critical zero-day in Zyxel CPE Series devices

Jan 29, 2025 12:36 PM

Tags: cve, exploit, injection, threat, vulnerability, zero-day, zyxel

Experts warn that threat actors are actively exploiting critical zero-day vulnerability, tracked as CVE-2024-40891, in Zyxel CPE Series devices. GreyNoise researchers are observing active exploitation attempts targeting a zero-day, tracked as CVE-2024-40891, in Zyxel CPE Series devices. The vulnerability is a command injection issue that remains unpatched and has not yet been publicly disclosed. Attackers can exploit…
Hochriskante SQLLücke gefährdet Avi Load Balancer

Jan 29, 2025 12:36 PM

Tags: injection, sql, vmware

Broadcom warnt vor einer SQL-Injection-Lücke in VMware Avi Load Balancer. Angreifer können unbefugt auf die Datenbank zugreifen. First seen on heise.de Jump to article: www.heise.de/news/VMware-Hochriskante-SQL-Injection-Luecke-gefaehrdet-Avi-Load-Balancer-10260568.html
Zyxel CPE Zero-Day (CVE-2024-40891) Exploited in the Wild

Jan 29, 2025 11:36 AM

Tags: cve, cyber, data-breach, exploit, injection, vulnerability, zero-day, zyxel

Security researchers have raised alarms about active exploitation attempts targeting a newly discovered zero-day command injection vulnerability in Zyxel CPE Series devices, tracked as CVE-2024-40891. This critical vulnerability, which remains unpatched and undisclosed by the vendor, has left over 1,500 devices globally exposed to potential compromise, as reported by Censys. About the Vulnerability CVE-2024-40891 CVE-2024-40891 […]…
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer

Jan 29, 2025 7:44 AM

Tags: access, cve, flaw, injection, malicious, network, sql, vmware, vulnerability

Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access.The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection.”A malicious user with network access may be able to use specially crafted SQL queries…
CISA warns of critical, high-risk flaws in ICS products from four vendors

Jan 29, 2025 5:37 AM

Tags: access, authentication, automation, cisa, cloud, computing, control, credentials, cve, cvss, cybersecurity, data, exploit, flaw, infrastructure, injection, leak, mitigation, monitoring, open-source, remote-code-execution, risk, service, software, threat, update, vulnerability, windows

The US Cybersecurity and Infrastructure Security Alliance has issued advisories for 11 critical and high-risk vulnerabilities in industrial control systems (ICS) products from several manufacturers.The issues include OS command injection, unsafe deserialization of data, use of broken cryptographic algorithms, authentication bypass, improper access controls, use of default credentials, sensitive information leaks, and more. The flaws…
VMware fixed a flaw in Avi Load Balancer

Jan 29, 2025 1:36 AM

Tags: access, cve, exploit, flaw, injection, network, risk, sql, vmware, vulnerability

VMware fixed a high-risk blind SQL injection vulnerability in Avi Load Balancer, allowing attackers to exploit databases via crafted queries. VMware warns of a high-risk blind SQL injection vulnerability, tracked as CVE-2025-22217 (CVSS score of 8.6), in Avi Load Balancer, allowing attackers with network access to exploit databases via crafted queries. >>VMware AVI Load Balancer…
VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer

Jan 28, 2025 10:37 PM

Tags: access, injection, malicious, network, risk, sql, vmware

VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access. The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vmware-warns-of-high-risk-blind-sql-injection-bug-in-avi-load-balancer/
Silicon Labs: Software- und Treiber-Installer mit DLLLücken

Jan 27, 2025 1:03 PM

Tags: injection, software, vulnerability

In zehn Installationsprogrammen von Software und Treibern von Silicon Labs können Angreifer eine DLL-Injection-Schwachstelle missbrauchen. First seen on heise.de Jump to article: www.heise.de/news/Silicon-Labs-Software-und-Treiber-Installer-mit-DLL-Injection-Luecken-10257362.html
Treasury Department Breach: A Crucial Reminder for API Security in the Public Sector

Jan 23, 2025 6:22 PM

Tags: access, ai, api, application-security, attack, authentication, breach, china, cve, cyber, data, detection, exploit, finance, flaw, framework, governance, government, hacker, healthcare, infrastructure, injection, malicious, monitoring, network, programming, risk, siem, software, sql, strategy, supply-chain, threat, tool, unauthorized, vpn, vulnerability, zero-day, zero-trust

The recent cyber breach at the U.S. Treasury Department, linked to state-sponsored Chinese hackers, has set off alarm bells in the public sector. As the investigation continues, this incident reveals a pressing issue that all government agencies must confront: securing their APIs (Application Programming Interfaces). APIs are essential connections within our digital infrastructure, facilitating communication…
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code

Jan 23, 2025 11:22 AM

Tags: api, attack, authentication, browser, chrome, cyber, data, injection, malicious, phishing, supply-chain

A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns aimed at extension developers and the injection of malicious code into legitimate Chrome extensions. Sensitive user data, including API keys, session cookies, and authentication tokens…
25 on 2025: APAC security thought leaders share their predictions and aspirations

Jan 22, 2025 8:22 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, business, ciso, cloud, compliance, control, cryptography, csf, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, data-breach, deep-fake, detection, disinformation, encryption, endpoint, exploit, extortion, finance, framework, fraud, government, group, hacking, Hardware, identity, incident, incident response, infrastructure, injection, intelligence, international, iot, malicious, malware, microsoft, monitoring, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, scam, service, skills, social-engineering, software, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, update, vulnerability, warfare, zero-trust

As threat actors and security teams harness the growing potential of artificial intelligence (AI), who will prevail? From generative AI (GenAI) to agentic AI, we look through the lens of 25 of Asia-Pacific’s thought leaders in security and dive into their predictions and goals for the year. src=”https://b2b-contenthub.com/wp-content/uploads/2025/01/Athikom.jpg?quality=50&strip=all” alt=”athikom” loading=”lazy” width=”400px”>Athikom Kanchanavibhu Chief Information Security…
SQL Injection Vulnerability in Microsoft’s DevBlogs Lets Hackers Injecting Malicious SQL

Jan 22, 2025 9:22 AM

Tags: cyber, data, hacker, injection, malicious, microsoft, risk, sql, vulnerability

In a recent discovery, a security researcher uncovered a critical SQL injection vulnerability on Microsoft’s DevBlogs website (accessible at https://devblogs.microsoft.com). This vulnerability could allow attackers to manipulate the site’s underlying database by injecting malicious SQL queries, posing a significant risk to the platform and its data integrity. Identifying the Vulnerability The vulnerability was found in the…
ChatGPT API flaws could allow DDoS, prompt injection attacks

Jan 21, 2025 3:22 PM

Tags: api, attack, chatgpt, cvss, data, ddos, exploit, flaw, github, injection, Internet, microsoft, network, openai, programming, service, software, threat, vulnerability

OpenAI-owned ChatGPT might have a vulnerability that could allow threat actors to launch distributed denial of service (DDoS) attacks on unsuspecting targets. According to a discovery made by German security researcher Benjamin Flesch, the ChatGPT crawler, which OpenAI uses to collect data from the internet to improve ChatGPT, can be tricked into DDoSing arbitrary websites. “ChatGPT crawler…
Critical SUSE Linux Distro Injection Vulnerability Allow Attackers Exploits “go-git” Library

Jan 21, 2025 1:22 PM

Tags: control, cve, cyber, exploit, injection, linux, vulnerability

A significant security vulnerability, designated CVE-2025-21613, has been discovered in the go-git library, used for Git version control in pure Go applications. This issue affects all versions before 5.13.0 and is characterized by an argument injection vulnerability, enabling potential attackers to modify git-upload-pack flags when utilizing the file transport protocol. This protocol is particularly vulnerable…
Root-Zugriff und Command Injection möglich – Industrielle Moxa-Netzwerke angreifbar

Jan 20, 2025 8:22 AM

Tags: access, injection

First seen on security-insider.de Jump to article: www.security-insider.de/moxa-sicherheitsluecken-routern-netzwerkgeraeten-a-0e7aa60423799aa4d8a438dca4a62a07/
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 29

Jan 19, 2025 11:23 PM

Tags: ai, attack, credit-card, group, injection, international, malware, ransomware, service, wordpress

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection Ransomware on ESXi: The mechanization of virtualized attacks FunkSec Alleged Top Ransomware Group Powered by AI Abusing AWS Native Services: Ransomware Encrypting S3 Buckets […]…
Cisco Unveils AI Defense to Stand Against Model Safety Risks

Jan 15, 2025 9:02 PM

Tags: ai, cisco, defense, injection, intelligence, LLM, risk, threat

Product Head Jeetu Patel on How AI Defense Ensures Secure LLM Operations at Runtime. Cisco’s AI Defense platform addresses emerging safety and security risks in AI. By leveraging insights from Robust Intelligence, it offers model validation, threat prevention and integrated guardrails to protect against evolving challenges such as hallucinations and prompt injection attacks. First seen…
Cisco’s homegrown AI to help enterprises navigate AI adoption

Jan 15, 2025 3:02 PM

Tags: access, ai, attack, business, cisco, cloud, control, data, defense, detection, firewall, infrastructure, injection, malicious, monitoring, network, risk, technology, tool, training, vulnerability

As the world rushes to integrate AI into all aspects of enterprise applications, there’s a pressing need to secure data-absorbing AI systems from malicious interferences.To achieve that, Cisco has announced Cisco AI Defense, a solution designed to address the risks introduced by the development, deployment, and usage of AI.According to Tom Gillis, SVP and GM…
Gen AI strategies put CISOs in a stressful bind

Jan 14, 2025 10:47 AM

Tags: access, ai, attack, business, ciso, compliance, control, cybersecurity, data, exploit, injection, law, LLM, malicious, open-source, ransomware, risk, risk-management, saas, service, software, strategy, technology, unauthorized, vulnerability

Senior executive perceptions on the promise of generative AI are proving to be a siren song for many CISOs.According to a recent survey from NTT Data, 89% of C-suite executives “are very concerned about the potential security risks associated with gen AI deployments.” But, the report found, those same senior execs believe “the promise and…
U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

Jan 14, 2025 8:46 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-12686 (CVSS score of 6.6) The flaw is an OS Command Injection Vulnerability in BeyondTrust…
Credit Card Skimmer campaign targets WordPress via database injection

Jan 13, 2025 12:26 PM

Tags: credit-card, injection, malicious, wordpress

Stealthy credit card skimmer targets WordPress e-commerce sites, injecting malicious JavaScript into CMS database tables to evade detection. Sucuri researchers warn of a stealthy credit card skimmer campaign targeting WordPress e-commerce sites by injecting malicious JavaScript into CMS database tables. The attackers hide the malicious code in the WordPress wp_options table, injecting obfuscated JavaScript into…
Fancy Product Designer Plugin Flaws Expose WordPress Sites

Jan 9, 2025 7:20 PM

Tags: attack, flaw, injection, remote-code-execution, risk, sql, wordpress

Critical Fancy Product Designer plugin flaws risk remote code execution and SQL injection attacks on WordPress sites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-product-designer-plugin-flaws/