InfoSec News 20241001

  • Published: Tue, 01/10/2024 - 14:08

Top News


  • Multiple Vulnerabilities Discovered in PHP, Prompting Urgent Security Updates

"The PHP project has recently released a security advisory, addressing several vulnerabilities affecting various versions of PHP. These vulnerabilities range from potential log tampering to arbitrary file inclusion and data integrity violations. It is strongly recommended that all PHP users update their systems to the latest patched versions immediately."

Link

TLP1 : Green

  • CVE-2024-26808: PoC Exploit Shows Local Privilege Escalation Risk in Linux

"In a significant development for the cybersecurity community, researchers have published technical details and a proof-of-concept (PoC) exploit for a newly identified vulnerability in the Linux kernel, designated as CVE-2024-26808."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • DragonForce Ransomware Expands RaaS, Targets Firms Worldwide

"DragonForce ransomware is expanding its RaaS operation and becoming a global cybersecurity threat against businesses. Companies must implement strong cybersecurity strategies to defend against this growing ransomware attack and avoid becoming victims."

Link

TLP1 : Green

  • Man charged for selling forged license keys for network switches

"The U.S. government has indicted a co-owner of a Minnesota IT company for his participation in an international conspiracy to sell forged license keys for networking devices."

Link

TLP1 : Green

  • North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

"North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Patelco Credit Union data breach impacted over 1 million people

"The ransomware attack on Patelco Credit Union this summer led to a data breach affecting over 1 million individuals, revealed the company."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Critical XSS Flaw Discovered in Filament: CVE-2024-47186 Requires Urgent Update for Laravel Developers

"The Filament project, a popular collection of full-stack components for accelerated Laravel development, has issued a critical security advisory for CVE-2024-47186. This Cross-Site Scripting (XSS) vulnerability affects versions from v3.0.0 to v3.2.114, posing a significant risk to applications that render unvalidated ColorColumn or ColorEntry values."

Link

TLP1 : Green

  • KartLANPwn (CVE-2024-45200) Exploits Mario Kart 8 Deluxe LAN Play Feature for RCE

"A serious vulnerability, dubbed KartLANPwn (CVE-2024-45200), has been identified in the wildly popular Nintendo game Mario Kart 8 Deluxe, putting millions of players at risk of remote code execution (RCE) during multiplayer sessions."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • JPCERT shares Windows Event Log tips to detect ransomware attacks

"Japan's Computer Emergency Response Center (JPCERT/CC) has shared tips on detecting different ransomware gang's attacks based on entries in Windows Event Logs, providing timely detection of ongoing attacks before they spread too far into a network."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning

"Researchers at Palo Alto Networks discovered an automated scanning tool called Swiss Army Suite (S.A.S) during regular monitoring of telemetry data. Our research indicates that attackers used this tool to perform vulnerability scans not only on our customers' web services but also on various online websites."

Link

TLP1 : Green


1 Traffic Light Protocol (TLP) [1] for information sharing:


  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.


[1] https://www.first.org/tlp