Security Affairs

CISA Adds Acclaim Systems USAHERDS Flaw to its Known Exploited Vulnerabilities Catalog

The vulnerability, tracked as CVE-2021-44207, was exploited by the Chinese cyber-espionage group APT41 to breach multiple U.S. state government networks. The flaw stems from the use of hard-coded credentials.

Multiple Flaws in Volkswagen Group's Infotainment Units Allow for Vehicle Compromise

Researchers from PCAutomotive discovered multiple vulnerabilities in the infotainment units used in some Volkswagen vehicles. Remote attackers can exploit the flaws to achieve certain controls and track the location of cars in real time.

Hundreds of Cisco Switches Impacted by Bootloader Flaw

Cisco released security patches for a vulnerability, tracked as CVE-2024-20397 (CVSS score of 5.2), in the NX-OS software’s bootloader that could be exploited by attackers to bypass image signature verification.

RedLine info-stealer campaign targets Russian businesses

Threat actors target business process automation users by distributing a malicious version of the HPDxLIB activator. Unlike the legitimate C++ version with a valid certificate, the malicious one is built in .NET and uses a self-signed certificate.

Authorities Shut Down Crimenetwork, Germany’s Largest Crime Marketplace

The operation was carried out by the Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA).

CISA Adds ProjectSend, North Grid Proself, and Zyxel Firewall Bugs to its Known Exploited Vulnerabilities Catalog

Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application’s configuration.

Source Code of Banshee Stealer Leaked Online

BANSHEE Stealer supports basic evasion techniques, relies on the sysctl API to detect debugging and checks for virtualization by running a command to see if “Virtual” appears in the hardware model identifier.

Zyxel Firewalls Targeted in Recent Ransomware Attacks

Zyxel warns that a ransomware gang has been exploiting a recently patched command injection vulnerability, CVE-2024-42057, in its firewalls for initial compromise. Remote, unauthenticated attackers could exploit the flaw to execute OS commands.

DoJ Shut Down Credit Card Marketplace PopeyeTools

Apart from the seizure of multiple domains associated with the cybercrime platform, the authorities have also confiscated $283,000 worth of cryptocurrency linked to illicit operations.

CISA Adds Apple, Oracle Agile PLM Bugs to its Known Exploited Vulnerabilities Catalog

CISA orders federal agencies to fix these vulnerabilities by December 12, 2024. Experts also recommend private organizations review the KEV Catalog and address the vulnerabilities in their infrastructure.
