DISC InfoSec blog

WhatsApp silently fixed two critical zero-day vulnerabilities that affect both Android & iOS versions allowing attackers to execute an arbitrary code remotely. Facebook-owned messenger WhatsApp is one of the Top-ranked Messenger apps with more than Billion users around the world in both Android and iPhone. Both vulnerabilities are marked under “critical” severity with a CVE […]

WhatsApp silently fixed two critical zero-day vulnerabilities that affect both Android & iOS versions allowing attackers to execute an arbitrary code remotely. Facebook-owned messenger WhatsApp is one of the Top-ranked Messenger apps with more than Billion users around the world in both Android and iPhone. Both vulnerabilities are marked under “critical” severity with a CVE […]

Can a device be hacked when switched off? Recent studies suggest so. Let’s see how this is even possible. Researchers from the Secure Mobile Networking Lab at the University of Darmstadt, Germany, have published a paper describing a theoretical method for hacking an iPhone — even if the device is off. The study examined the […]

Sansec Threat Research Team noticed a surge in Magento 2 template attacks. This critical template vulnerability in Magento 2 tracked as (CVE-2022-24086) is increasing among eCommerce cyber criminals. The vulnerability allows unauthenticated attackers to execute code on unpatched sites. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. More than 150,000 […]

Two critical vulnerabilities have been found recently in the wireless LAN devices of Contec. These critical vulnerabilities were discovered by the cybersecurity analysts, Samy Younsi and Thomas Knudsen of Necrum Security Lab. There are two models of the FLEXLAN FXA2000 and FXA3000 series from CONTEC which are primarily used in airplane installations as WiFi access […]

The Flexlan FXA3000 and FXA2000 series LAN devices made by the Japan-based firm contain two critical vulnerabilities tracked as CVE–2022–36158 and CVE–2022–36159. Necrum Security Labs’ researchers Samy Younsi and Thomas Knudsen have discovered two critical vulnerabilities in the wireless LAN devices manufactured by Contec. The company specializes in industrial automation, computing, and IoT communication technology. […]

Censys launched its State of the Internet Report, a holistic view into internet risks and organizations’ exposure to them. Through careful examination of which ports, services, and software are most prevalent on the internet and the systems and regions where they run, the research team discovered that misconfigurations and exposures represent 88% of the risks and vulnerabilities […]

A list of free open source vulnerability scanners which developers and penetration testers can use to scan systems for vulnerabilities and potential malware. A vulnerability assessment is an in-depth analysis of a network’s hardware, software, and other components to locate and fix potential security holes. Once identified, the software prioritizes security holes by how quickly […]

Grab and deploy this backend update if you offer even repo read access A critical command-injection vulnerability in multiple API endpoints of Atlassian Bitbucket Server and Data Center could allow an unauthorized attacker to remotely execute malware, and view, change, and even delete data stored in repositories. Atlassian has fixed the security holes, which are present in […]

Exploit code for a critical vulnerability affecting networking devices using Realtek RTL819x system on a chip released online. The PoC exploit code for a critical stack-based buffer overflow issue, tracked as  CVE-2022-27255  (CVSS 9.8), affecting networking devices using Realtek’s RTL819x system on a chip was released online. The issue resides in the Realtek’s SDK for the open-source […]

South Staffordshire in the UK has acknowledged it was targeted in a cyberattack, but Clop ransomware appears to be shaking down the wrong water company. South Staffordshire plc, a UK water-supply company, has acknowledged it was the victim of a cyberattack. Around the same time, the Clop ransomware group started threatening Thames Water that it would […]

Here’s this week’s BWAIN, our jocular term for a Bug With An Impressive Name. BWAIN is an accolade that we hand out when a new cybersecurity flaw not only turns out to be interesting and important, but also turns up with its own logo, domain name and website. This one is dubbed ÆPIC Leak, a pun on […]

Software Bill of Material and Vulnerability Management Blind Spots Open source software is everywhere (which is not a bad thing in itself). However, many buyers don’t have inventory of open source components included in software products they are buying. Business even fail in keeping tack of open source components used in internally developed applications. As […]

The best-known cryptographic library in the open-source world is almost certainly OpenSSL. Firstly, it’s one of the most widely-used, to the point that most developers on most platforms have heard of it even if they haven’t used it directly. Secondly, it’s probably the most widely-publicised, sadly because of a rather nasty bug known as Heartbleed that was discovered […]

A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The issue affects Dahua’s implementation of the Open Network Video Interface Forum (ONVIF). ONVIF provides and promotes standardized interfaces for effective […]

Google Project Zero experts disclosed details of a 5-Year-Old Apple Safari flaw actively exploited in the wild. Researchers from the Google Project Zero team have disclosed details of a vulnerability in Apple Safari that was actively exploited in the wild. The vulnerability, tracked as CVE-2022-22620, was fixed for the first time in 2013, but in 2016 […]

Researchers uncovered 3.6M accessible MySQL servers worldwide that represent a potential attack surface for their owners. Researchers from Shadow Server scanned the internet for publicly accessible MySQL server instances on port 3306/TCP and uncovered 3.6M installs worldwide responding to their queries. These publicly accessible MySQL server instances represent a potential attack surface for their owners. “These are instances that respond to our […]

US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 flaws to its Known Exploited Vulnerabilities Catalog, including recently addressed issues in the Android kernel (CVE-2021-1048 and  CVE-2021-0920 ) and Cisco IOS XR (CVE-2022-20821). The Cisco IOS XR flaw (CVE-2022-20821, […]

A zero-day vulnerability in uClibc and uClibc-ng, a popular C standard library, could enable a malicious actor to launch DNS poisoning attacks on vulnerable IoT devices. The bug, tracked as ICS-VU-638779, which has yet to be patched, could leave users exposed to attack, researchers have warned. DNS poisoning In a DNS poisoning attack, the target domain name […]

It’s easy to see why: it may be exploited by unauthenticated, remote attackers to breach systems and by attackers that already have access to a system and want to hop on others on the same network. It can also be exploited without the vulnerable system’s user doing anything at all (aka “zero-click” exploitation). About CVE-2022-26809 CVE-2022-26809 is […]