CyberSecurity updates
2025-02-22 09:28:25 Pacific

Xerox Printer Flaws Expose Active Directory Credentials - 3d

Rapid7 researchers have discovered vulnerabilities in Xerox VersaLink C7025 multifunction printers (MFPs). The flaws enable attackers to capture authentication credentials via pass-back attacks through Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. Exploiting them allows malicious actors to intercept authentication credentials, leading to credential theft and lateral attacks within enterprise networks.

Fake PoC exploit targets researchers with malware - 10d

A fake proof-of-concept (PoC) exploit is being used to target security researchers, disguising itself as a fix for a critical Microsoft LDAP vulnerability. The attackers forked the legitimate PoC and embedded information-stealing malware that is deployed when the malicious code is executed. The tactic aims to steal credentials and other sensitive information from security researchers.

Windows LDAP RCE Vulnerability Exploit Released - 19d

A critical remote code execution (RCE) vulnerability, tracked as CVE-2024-49112, has been identified in Windows LDAP. A proof-of-concept (PoC) exploit has been released demonstrating how an attacker can send a malicious LDAP request to unpatched Domain Controllers, leading to memory corruption and remote code execution without any user interaction. This zero-click RCE vulnerability poses a significant threat to Windows environments.