remote support

Winsage
March 13, 2025
The Windows Insider Program Team has released an update for Windows 10, specifically the Windows 10 22H2 Build 19045.5674 (KB5053643), available in the Release Preview Channel for version 22H2. Key features and improvements include:
- Introduction of Noto CJK fonts for enhanced linguistic capabilities.
- Updates to Country and Operator Settings Asset (COSA) profiles for better mobile connectivity.
- Fix for thumbnail crashes in File Explorer.
- Secure storage of temporary files in “C:\Windows\SystemTemp” to reduce unauthorized access risks.
- Resolution of issues with Get-Help troubleshooters in Remote Desktop sessions.
- Enhanced support for Windows Search within the European Economic Area (EEA).
- Fix for printers using Independent Hardware Vendor (IHV) drivers that output incorrect text.
AppWizard
March 6, 2025
TSplus has released a major update to its Remote Support Android app, now available on the Google Play Store. This update enhances the app's features, which originally allowed users to remotely view and control devices in Full HD resolution at 24 frames per second, with functionalities including keyboard and mouse control, user chat, and device management. The update fully operationalizes the Sharer feature for seamless remote control of Android devices from various platforms. Enhancements include improved performance with upgraded screen encoder and decoder, new settings for optimizing app performance on older devices, shortcuts for quick actions, and improved debugging for easier issue reporting.
Tech Optimizer
February 21, 2025
Security researchers have identified a zero-day vulnerability in PostgreSQL, labeled CVE-2025-1094, which is believed to have contributed to the cyber breach of the US Treasury in December. The breach was initially attributed to the command injection vulnerability CVE-2024-12356 in the BeyondTrust Remote Support platform. Successful exploitation of CVE-2024-12356 required prior exploitation of CVE-2025-1094. Although BeyondTrust issued a patch for CVE-2024-12356 in December 2024, it did not resolve the underlying issue of CVE-2025-1094, leaving it a zero-day vulnerability until reported to PostgreSQL. Chinese hackers reportedly gained remote access to multiple workstations within the US Treasury, potentially compromising unclassified documents. The details of the accessed documents and the number of workstations involved are not disclosed. This incident is part of a broader pattern of cyber attacks linked to Chinese state-sponsored actors.
Tech Optimizer
February 20, 2025
Rapid7's vulnerability research team reported that a security flaw in PostgreSQL was exploited as a zero-day vulnerability to infiltrate BeyondTrust's network in December. The intrusion involved two zero-day vulnerabilities, CVE-2024-12356 and CVE-2024-12686, along with a stolen API key, and led to unauthorized access to 17 Remote Support SaaS instances. In early January, the U.S. Treasury Department disclosed a compromise of its network, linked to the Silk Typhoon cyber-espionage group, in which attackers used the stolen API key to access its BeyondTrust instance. The attackers targeted critical offices within the Treasury, including CFIUS and OFAC, and accessed the Office of Financial Research systems. CISA added CVE-2024-12356 to its Known Exploited Vulnerabilities catalog on December 19, requiring federal agencies to secure their networks. On January 27, Rapid7 uncovered another zero-day vulnerability in PostgreSQL, CVE-2025-1094, which allows SQL injection attacks due to mishandling of invalid UTF-8 characters. Rapid7 found that exploiting CVE-2024-12356 for remote code execution requires CVE-2025-1094, and while BeyondTrust classified CVE-2024-12356 as command injection, Rapid7 suggests it is an argument injection vulnerability. Rapid7 also identified a method to exploit CVE-2025-1094 for remote code execution in BeyondTrust systems independently of CVE-2024-12356. It noted that BeyondTrust's patch for CVE-2024-12356 does not resolve the root cause of CVE-2025-1094 but prevents exploitation of both vulnerabilities.
Tech Optimizer
February 20, 2025
In December 2024, suspected state-sponsored Chinese hackers executed a sophisticated cyber attack on U.S. Treasury employees' workstations, utilizing a dual vulnerability strategy involving CVE-2024-12356 and CVE-2025-1094. CVE-2024-12356 is an unauthenticated command injection flaw in BeyondTrust Remote Support SaaS, while CVE-2025-1094 is a PostgreSQL zero-day vulnerability that allows SQL injection attacks through the psql tool. The PostgreSQL team released a fix for CVE-2025-1094 on February 13, 2025, and BeyondTrust issued patches in December 2024 to mitigate the vulnerabilities. PostgreSQL users are advised to upgrade to fixed versions: 17.3, 16.7, 15.11, 14.16, or 13.19, and BeyondTrust users should implement the December 2024 fix. Rapid7 has provided advisories and indicators of compromise related to these vulnerabilities.
Tech Optimizer
February 17, 2025
The US Treasury workstations were breached by suspected state-sponsored Chinese hackers using two zero-day vulnerabilities. The first vulnerability, CVE-2024-12356, is an unauthenticated command injection flaw in BeyondTrust's Remote Support SaaS, which requires prior exploitation of CVE-2025-1094. CVE-2025-1094 is related to the PostgreSQL interactive tool, psql, and allows SQL injection attacks due to improper handling of invalid byte sequences. This vulnerability can lead to arbitrary code execution through the execution of meta-commands. Fixes for CVE-2025-1094 were issued by the PostgreSQL team on February 13, 2025, and BeyondTrust released patches in December 2024 that also mitigate risks associated with this vulnerability. PostgreSQL users are advised to upgrade to specific fixed versions, and BeyondTrust users should implement the December 2024 fix. Rapid7 has provided technical details and indicators of compromise for the vulnerabilities.
Tech Optimizer
February 14, 2025
Cybersecurity firm Rapid7 has identified a SQL injection vulnerability, CVE-2025-1094, affecting the PostgreSQL interactive tool, psql. This vulnerability was discovered during an investigation into another vulnerability, CVE-2024-12356, which poses unauthenticated remote code execution risks. Successful exploitation of CVE-2024-12356 requires prior exploitation of CVE-2025-1094. Although BeyondTrust patched CVE-2024-12356 in December 2024, it did not address the root cause of CVE-2025-1094, leaving it as a zero-day until reported by Rapid7. All supported versions prior to PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are vulnerable, with a CVSS 3.1 base score of 8.1, indicating high severity. The vulnerability arises from flawed assumptions about PostgreSQL’s string escaping routines, allowing SQL injection under certain conditions. An attacker could exploit this vulnerability to execute arbitrary code via meta-commands in the psql tool. Users are advised to upgrade to PostgreSQL versions 17.3, 16.7, 15.11, 14.16, or 13.19 to mitigate risks.
Tech Optimizer
February 14, 2025
Researchers have identified a SQL injection vulnerability, CVE-2025-1094, in PostgreSQL's interactive terminal tool, psql. This vulnerability is linked to another vulnerability, CVE-2024-12356, related to remote code execution in BeyondTrust's products. CVE-2025-1094 arises from a flawed assumption about the security of escaped untrusted input and allows attackers to inject malicious SQL statements due to the processing of invalid UTF-8 characters. It has a CVSS 3.1 base score of 8.1, indicating high severity, and can lead to arbitrary code execution through psql's meta-command functionality. The vulnerability affects all supported PostgreSQL versions prior to 17.3, 16.7, 15.11, 14.16, and 13.19. Users are advised to upgrade to these patched versions to mitigate risks. A Metasploit module targeting this vulnerability has been developed, emphasizing the urgency for organizations to implement patches.
Tech Optimizer
February 14, 2025
Researchers from Rapid7 have identified a significant SQL injection vulnerability in PostgreSQL, designated as CVE-2025-1094. This flaw was discovered during an investigation into another vulnerability, CVE-2024-12356, which was patched by BeyondTrust in December 2024. The patch for CVE-2024-12356 did not resolve the underlying issue of CVE-2025-1094, allowing it to remain a zero-day vulnerability until reported by Rapid7. CVE-2025-1094 has a CVSS score of 8.1 and is caused by improper handling of quoting syntax in PostgreSQL’s libpq functions. Versions of PostgreSQL prior to 17.3, 16.7, 15.11, 14.16, and 13.19 are vulnerable. The exploitation of CVE-2025-1094 allows attackers to inject malicious SQL commands and execute arbitrary code through psql meta-commands. PostgreSQL has released updates to address this vulnerability in the aforementioned versions. The discovery was made by Stephen Fewer, a principal Security Researcher at Rapid7.