The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
December 14, 2021
Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot and more in the form of fake applications. The patch came as part of the computing giant’s December Patch Tuesday update, which included a total of 67 fixes for security vulnerabilities. The patches cover the waterfront of Microsoft’s portfolio, affecting ...
- Bugs in billions of WiFi, Bluetooth chips allow password, data theft
December 13, 2021
Researchers at the University of Darmstadt, Brescia, CNIT, and the Secure Mobile Networking Lab, have published a paper that proves it’s possible to extract passwords and manipulate traffic on a WiFi chip by targeting a device’s Bluetooth component. Modern consumer electronic devices such as smartphones feature SoCs with separate Bluetooth, WiFi, and LTE components, each with ...
- CERT NZ Alert: Log4j RCE 0-day actively exploited
December 10, 2021
The ubiquitous java logging library, log4j, has an unauthenticated RCE vulnerability if a user-controlled string is logged. This could allow the attacker full control of the affected server. Reports from online users show that this is being actively exploited in the wild and that proof-of-concept code has been published. This includes many applications and services written in ...
- Hundreds of thousands of MikroTik devices still vulnerable to botnets
December 9, 2021
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. MikroTik is a Latvian manufacturer of routers and wireless ISPs who has sold over 2,000,000 devices globally. In August, the Mēris botnet exploited vulnerabilities in MikroTik routers to create an army of devices that performed a record-breaking DDoS ...
- Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products
December 8, 2021
On September 16, 2021, the Apache Software Foundation disclosed five vulnerabilities affecting the Apache HTTP Server (httpd) 2.4.48 and earlier releases. For a description of these vulnerabilities, see the Apache HTTP Server 2.4.49 section of the Apache HTTP Server 2.4 vulnerabilities webpage. This advisory will be updated as additional information becomes available. Read more… Source: CISCO
- SonicWall ‘strongly urges’ customers to patch critical SMA 100 bugs
December 8, 2021
SonicWall ‘strongly urges’ organizations using SMA 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical. The bugs (reported by Rapid7’s Jake Baines and NCC Group’s Richard Warren) impact SMA 200, 210, 400, 410, and 500v appliances even when the web application firewall (WAF) is enabled. The ...