The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- F5 issues BIG-IP patches to tackle unauthenticated remote code execution, critical flaws
March 11, 2021
F5 Networks has pushed out patches to tackle four critical vulnerabilities in BIG-IP, one of which can be exploited for unauthenticated remote code execution (RCE) attacks. The enterprise networking provider’s BIG-IP applications are enterprise-grade, modular software suites designed for data and app delivery, load balancing, traffic management, and other business functions. F5 says that 48 out of ...
- Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords
March 8, 2021
Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims’ companies. According to researchers, at least 2,500 ...
- Newest Intel Side-Channel Attack Sniffs Out Sensitive Data
March 8, 2021
Intel processors are vulnerable to a new side-channel attack, which researchers said can allow attackers to steal sensitive information such as encryption keys or passwords. Unlike previous side-channel attacks, this attack does not rely on sharing memory, cache sets and other former tactics. Instead it leverages a component called CPU ring interconnect contention. This component facilitates ...
- Unpatched QNAP devices are being hacked to mine cryptocurrency
March 8, 2021
Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency. The threat actors exploit two pre-auth remote command execution (RCE) vulnerabilities in the Helpdesk app patched by QNAP in October 2020. Cryptomining malware discovered on NAS devices compromised during this campaign ...
- D-Link, IoT Devices Under Attack By Tor-Based Gafgyt Variant
March 5, 2021
Researchers have discovered what they say is the first variant of the Gafgyt botnet family to cloak its activity using the Tor network. Gafgyt, a botnet that was uncovered in 2014, has become infamous for launching large-scale distributed denial-of-service (DDoS) attacks. Researchers first discovered activity from the newest variant, which they call Gafgyt_tor, on Feb. 15. In ...
- Accellion zero-day claims a new victim in cybersecurity company Qualys
March 4, 2021
Qualys has revealed that a “limited” number of customers may have been impacted by a data breach connected to an Accellion zero-day vulnerability. The cloud security and compliance firm said on Wednesday that the security incident did not have any “operational impact,” but “unauthorized access” had been obtained to an Accellion FTA server used by the ...