The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- AirDrop bugs expose Apple users’ email addresses, phone numbers
April 21, 2021
A team of academics from a German university said it discovered two vulnerabilities that can be abused to extract phone numbers and email addresses from Apple’s AirDrop file transfer feature. The two bugs reside in the authentication process during the initial phase of an AirDrop connection, where devices try to discover each one another and determine ...
- Pulse Secure VPN zero-day used to hack defense firms, govt orgs
April 20, 2021
Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial base (DIB) networks. To mitigate the vulnerability tracked as CVE-2021-22893 (with a maximum 10/10 severity score), Pulse Secure advises customers with gateways ...
- Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise
April 20, 2021
In March 2021, Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited in the wild. These vulnerabilities were executed in conjunction to obtain administrative access and code execution on a SonicWall ES device. The adversary leveraged these vulnerabilities, with intimate knowledge of the SonicWall application, to install a ...
- NSA: 5 Security Bugs Under Active Nation-State Cyberattack
April 16, 2021
The Feds are warning that nation-state actors are once again after U.S. assets, this time in a spate of cyberattacks that exploit five vulnerabilities that affect VPN solutions, collaboration-suite software and virtualization technologies. According to the U.S. National Security Agency (NSA), which issued an alert Thursday, the advanced persistent threat (APT) group known as APT29 (a.k.a. ...
- Second Google Chrome zero-day exploit dropped on twitter this week
April 14, 2021
A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. A zero-day vulnerability is when detailed information about a vulnerability or an exploit is released before the affected software developers can fix it. These vulnerabilities pose a ...
- Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild
April 13, 2021
While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we discovered another zero-day exploit we believe is linked to the same actor. We reported this new exploit to Microsoft in February and after confirmation that it is indeed a zero-day, it received the designation ...