The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Warning issued over ‘widespread’ exploitation of Zyxel NAS devices
June 1, 2023
Security researchers at two companies have issued warnings over ‘widespread’ exploitation of Zyxel network devices. Researchers at Rapid7 raised the alarm over the ongoing exploitation of a critical authenticated command injection vulnerability, tracked as CVE-2023-28771, that was found to affect multiple Zyxel devices. Read more… Source: ITPro
- Operation Triangulation: iOS devices targeted with previously unknown malware
June 1, 2023
While monitoring its own corporate Wi-Fi network dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), Kaspersky researchers noticed suspicious activity that originated from several iOS-based phones. Since it is impossible to inspect modern iOS devices from the inside, researchers created offline backups of the devices in question, inspected them using the ...
- CISA Releases Five Industrial Control Systems Advisories
June 1, 2023
CISA released five Industrial Control Systems (ICS) advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta Electronics DIAEnergie (Update A) Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Critical Barracuda 0-day was used to backdoor networks for 8 months
May 31, 2023
A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The software bug, tracked as CVE-2023-2868, is a remote-command injection vulnerability that stems from incomplete input validation of user-supplied .tar files, which are used to pack or archive multiple files. Read more… Source: ...
- Gigabyte motherboards come with a hidden firmware backdoor
May 31, 2023
Component supplier Gigabyte has some pressing questions to answer. The first and most pressing is, “Why did you put an updater backdoor into your own motherboard firmware without telling anyone?” The second is, “Why didn’t you lock it down in any meaningful way, hoping that it would stay secure simply by not being known?” Read more… Source: ...
- CISA Adds One Known Exploited Vulnerability to Catalog
May 26, 2023
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-2868 Barracuda Networks ESG Appliance Improper Input Validation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases ...