دسته: English News

Microsoft has officially disclosed that it is investigating two zero-day security vulnerabilities affecting Exchange Server 2013, 1016, and 2019 after reports of exploits in the wild. The first vulnerability, CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second vulnerability, CVE-2022-41082, allows when PowerShell to be available to an attacker, the tech giant said. Enables remote code execution (RCE). The company also confirmed that it is aware of “limited targeted attacks” that weaponize flaws to gain basic access to targeted systems, but stressed that authentication access to the vulnerable…

Read More

Several high-severity flaws have been discovered in the open-source OpenLiteSpeed web server, as well as its enterprise variant, which could be used for remote code execution. OpenLiteSpeed is the open-source version of LiteSpeed Web Server, the sixth most popular web server with 1.9 million unique servers worldwide. The first of the three flaws is a directory traversal flaw (CVE-2022-0072, CVSS score: 5.8), which can be exploited to access forbidden files in the main web directory. The remaining two vulnerabilities (CVE-2022-0073 and CVE-2022-0074, CVSS scores: 8.8) are related to an elevation…

Read More

A version of an open-source ransomware toolkit called Kryptonite has been spotted in the wild with wiping capabilities due to its “poor architecture and programming.” Unlike other ransomware variants, Kryptonite is not available to cybercriminal underground markets and was instead offered for free by an actor named CYBERDEVILZ through a GitHub repository until recently. The source code and its sub-branches have since been removed. Written in Python, this malware uses the Fernet module from the cryptographic package to encrypt files with the “.cryptn8” extension. But a new sample analyzed by…

Read More