Best of Vulnerability — 2024
Snyk·2y
What you should know about PHP security vulnerabilities
PHP is a popular scripting language for web development, which makes it a target for hackers. Developers must understand PHP security risks like SQL Injection and code injection, and use practices like sanitizing inputs, using prepared statements, and regularly updating dependencies to mitigate these risks. Tools like Snyk can automate the process of identifying and fixing vulnerabilities in PHP applications, ensuring compliance and protecting against breaches.
The Hacker News·2y
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
A new critical security flaw in PHP exposes Windows servers to remote code execution. The vulnerability allows unauthenticated attackers to bypass previous protections and execute arbitrary code on remote PHP servers. A fix has been released in PHP versions 8.3.8, 8.2.20, and 8.1.29. Users are urged to apply the patches quickly.
Community Picks·2y
Matt Brown Digs Deep Into an IP Camera's Firmware — and Finds a Hard-Coded Root Password
Matt Brown of Brown Fine Security has demonstrated a serious security flaw in the VStarcam CB73 IP camera by discovering a hard-coded root password. Using a detailed process involving physical hardware examination, firmware dumping, and software analysis with Ghidra, Brown exposed vulnerabilities that highlight the risks of using devices with hard-coded credentials. His findings stress the importance of better security regulations for IoT devices.
Arctic Wolf·2y
Anatomy of a Cyber Attack: PAN-OS Firewall Zero-Day | Arctic Wolf
In April 2024, Palo Alto Networks disclosed a critical zero-day vulnerability, CVE-2024-3400, affecting their PAN-OS firewalls with a severity score of 10.0. The vulnerability allows remote attackers to execute arbitrary code with root privileges. Upon its disclosure, approximately 22,542 internet-exposed firewall devices were vulnerable. Security teams quickly worked to mitigate the threat, stopping attacks in their tracks with proactive measures. Arctic Wolf prevented exploitation through active customer communication and monitoring, successfully thwarting multiple attacks and preventing ransomware infections.
Hacker News·2y
Root your Docker host in 10 seconds for fun and profit
A post discussing the risk of adding users to the 'docker' group, which gives them root-equivalent access to the host through the Docker daemon. It demonstrates how easily this access can be turned into root on the host and provides a workaround using UID remapping (user namespaces).
Eric Parker·2y
Can Malware escape Virtual Machines?
Malware can theoretically escape from virtual machines, but it's rare due to the specific conditions needed, including outdated hypervisors and complex exploits. The main risks come from human error, such as improper configurations and using shared folders. Keeping systems updated with security patches significantly reduces these risks. Nested virtualization can offer additional security, albeit with performance costs.
Low Level Learning·1y
i found thousands of errors in this program. (you've probably used it)
A deep dive into a vulnerability found in the 7-Zip program, highlighting the steps taken to identify and triage over a thousand crashes. The author explains the fuzzing process, the details of the integer underflow vulnerability, and the resulting potential for remote code execution. The bug was fixed in 7-Zip version 2407, and users are advised to update to this or a newer version to mitigate the security risk.
Community Picks·2y
Why you should upgrade PostgreSQL today
A critical security vulnerability, CVE-2024-7348, impacts PostgreSQL versions 12 through 16, allowing attackers to execute arbitrary SQL code during `pg_dump` operations. The PostgreSQL team has released minor updates that fix this TOCTOU race condition vulnerability by introducing a new server parameter, `restrict_nonsystem_relation_kind`. Users are urged to upgrade immediately and review their setup, including user permissions, to avoid potential data compromise.
Eric Parker·2y
the new "9.9" Severity Linux Vulnerability
A CVSS 9.9 severity vulnerability affecting all systems using the CUPS (Common Unix Printing System) allows remote unauthenticated attackers to execute arbitrary commands when a print job is started. This is less severe than vulnerabilities like EternalBlue but still poses a significant risk, especially if systems are exposed to the internet. Properly configured firewalls can mitigate some threats, and updating CUPS is recommended to prevent exploitation.
Spring·1y
CVE-2024-38827: Spring Security Authorization Bypass for Case Sensitive Comparisons
ThePrimeTime·1y
Zendesk Mega Backdoor
A 15-year-old programmer discovered a vulnerability in Zendesk that allowed remote attackers to read ticket histories via email spoofing. Despite the severity of the issue, Zendesk initially dismissed the report, leading the teenager to disclose the bug to affected companies directly. This eventually pressured Zendesk to fix the issue, but they did not reward the programmer, citing a breach of disclosure guidelines.
InfoSec Write-ups·2y
Real World GitLab Account Take Over
An attacker managed to exploit a vulnerability in GitLab, taking over accounts of a company that provides VoIP solutions to customers including government organizations, banks, and telecom providers. The post describes the reconnaissance process, the GitLab enumeration, the specific vulnerability (CVE-2023-7028), and the exploitation process. The attacker harvested email addresses of the company's employees to carry out the account takeover. Once inside, they gained access to all company projects and extracted API keys and credentials.