The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber Safety Review Board Releases Unprecedented Report of its Review into Log4j Vulnerabilities and Response
July 14, 2022
WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report, which includes 19 actionable recommendations for government and industry. The recommendations from the CSRB – an unprecedented public-private initiative that brings together government and industry leaders to review and assess significant cybersecurity events to better protect ...
- Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
July 13, 2022
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR) in October 2021. A fix for this vulnerability, now identified as CVE-2022-26706, was included in ...
- From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
July 12, 2022
A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC) campaigns against ...
- Defense contractor pays $9m to settle whistleblower’s cybersecurity allegations
July 11, 2022
Aerojet Rocketdyne, which makes propulsion and power systems for launch vehicles, missiles and satellites for NASA and the US military, has agreed to pay $9 million to settle charges it misrepresented its products’ compliance with cybersecurity requirements in federal government contracts. The El Segundo, California-based company has a deep history in American space and military contracting, ...
- Security advisory accidentally exposes vulnerable systems
July 6, 2022
A security advisory for a vulnerability (CVE) published by MITRE has accidentally been exposing links to remote admin consoles of over a dozen vulnerable IP devices since at least April 2022. BleepingComputer became aware of this issue yesterday after getting tipped off by a reader who prefers to remain anonymous. The reader was baffled on seeing ...
- What to do about inherent security flaws in critical infrastructure?
July 3, 2022
The latest threat security research into operational technology (OT) and industrial systems identified a bunch of issues — 56 to be exact — that criminals could use to launch cyberattacks against critical infrastructure. But many of them are unfixable, due to insecure protocols and architectural designs. And this highlights a larger security problem with devices that ...