The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Yatron Ransomware Plans to Spread Using EternalBlue NSA Exploits
March 12, 2019
A new Ransomware-as-a-Service called Yatron is being promoted on Twitter that plans on using the EternalBlue and DoublePulsar exploits to spread to other computer on a network. This ransomware will also attempt to delete encrypted files if a payment has not been made in 72 hours. BleepingComputer was first notified about the Yatron RaaS by a security ...
- New SLUB Backdoor Uses GitHub, Communicates via Slack
March 7, 2019
We recently came across a previously unknown malware that piqued our interest in multiple ways. For starters, we discovered it being spread via watering hole attacks, a technique that involves an attacker compromising a website before adding code to it so visitors are redirected to the infecting code. In this case, each visitor is redirected only ...
- Google reveals Chrome zero-day under active attacks
March 6, 2019
Google revealed yesterday that a patch for Chrome last week was actually a fix for a zero-day that was under active attacks. The attacks exploited CVE-2019-5786, a security flaw and the only patch included in the Chrome 72.0.3626.121 version, released last Friday, March 1, 2019. According to an update to its original announcement and a tweet from Google Chrome’s security lead, ...
- Hide yo’ kids, hide yo’ clouds: Zerodium offering big bucks for cloud zero-days
March 5, 2019
Exploit vendor Zerodium announced today plans to pay a whopping $500,000 for zero-days in popular cloud technologies like Microsoft’s Hyper-V and (Dell) VMware’s vSphere. Both Hyper-V and vSphere are what experts call virtualization software, also called hypervisors –software that lets a single “host” server create and run one or more virtual “guest” operating systems. Virtualization software is ...
- New exploit lets attackers take control of Windows IoT Core devices
March 2, 2019
Speaking at a conference today, a security researcher has revealed a new exploit impacting the Windows IoT Core operating system that gives threat actors full control over vulnerable devices. The vulnerability, discovered by Dor Azouri, a security researcher for SafeBreach, impacts the Sirep/WPCon communications protocol included with Windows IoT operating system. Azouri said the vulnerability only impacts Windows ...
- Hackers target Elasticsearch clusters in fresh malware campaign
February 27, 2019
Security researchers have observed a spike in attacks from multiple threat actors targeting Elasticsearch clusters, in what is believed to be an attempt to spread malware on victims’ machines. Attackers appear targeting clusters using versions 1.4.2 and lower, and are leveraging old vulnerabilities to pass scripts to search queries and drop the attacker’s payloads, according to ...