Featured news – TFun dot org

High-risk ConnectWise Automate vulnerability fixed, admins urged to patch ASAP

09/09/2022RedOne

ConnectWise has fixed a vulnerability in ConnectWise Automate, a popular remote monitoring and management tool, which could allow attackers to compromise confidential data or other processing resources. The severity of the vulnerability is merely “important”, as its exploitation requires additional access and/or privilege, but ConnectWise recommends administrators of on-premise instances to patch as soon as […]

DigitalOcean customers affected by Mailchimp “security incident”

16/08/2022RedOne

A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on Monday. “On August 8th, DigitalOcean discovered that our Mailchimp account had been compromised as part of what we suspect to be a wider Mailchimp security incident that affected their customers, targeted […]

1,900 Signal users exposed following Twilio breach

16/08/2022RedOne

The attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal. “Among the 1,900 phone numbers, the attacker explicitly searched for three numbers, and we’ve received a report from one of those three users that their account was re-registered,” […]

Vulnerabilities in popular GPS tracker could allow hackers to remotely stop cars

20/07/2022RedOne

Six vulnerabilities in the MiCODUS MV720 GPS tracker that’s used by organizations around the world to manage and protect vehicle fleets could be exploited by attackers to remotely cut fuel to or abruptly stop vehicles. “Attackers could choose to surreptitiously track individuals or demand ransom payments to return disabled vehicles to working condition,” BitSight researchers […]

Attackers are using deepfakes to snag remote IT jobs

05/07/2022RedOne

Malicious individuals are using stolen personally identifiable information (PII) and voice and video deepfakes to try to land remote IT, programming, database and software-related jobs, the FBI has warned last week. The increasing malicious use of deepfakes Deepfakes are synthetic media – images, audio recordings, videos – that make it look like a person has […]

State of Pentesting 2022 report: Interactive event and open discussion

19/04/2022RedOne

In The State of Pentesting 2022 Report, Cobalt studied data from 2,380 pentests and surveyed 602 cybersecurity and software development professionals. The report focuses on issues and stats relevant to both the security and development teams. Join the Cobal team to learn about: The impact talent shortages have on security and development programs What’s causing […]

Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)

15/04/2022RedOne

Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy to see why: it may be exploited by unauthenticated, remote attackers to breach systems and by attackers that already have access to a system and want to hop on others on the […]

APT group has developed custom-made tools for targeting ICS/SCADA devices

14/04/2022RedOne

Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): Certain APT actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices. These tools […]

Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)

14/04/2022RedOne

Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. About CVE-2022-22954 CVE-2022-22954 is, in effect, a server-side template injection vulnerability that can be triggered by a malicious actor with network access to achieve remote code execution. It was reported to VMware […]

Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)

12/04/2022RedOne

On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit module. Vulnerabilities of note CVE-2022-24521 is a vulnerability in the Windows Common Log File System Driver that was reported to Microsoft […]