The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ethereum’s Create2: A Double-Edged Sword In Blockchain Security
March 18, 2024
Ethereum’s CREATE2 function is being exploited by attackers to compromise the security of digital wallets, bypassing traditional security measures and facilitating unauthorized access to funds. The attack method involves tricking users into approving transactions for smart contracts that haven’t been deployed yet, allowing cybercriminals to later deploy malicious contracts and steal cryptocurrencies. This vulnerability highlights the ...
- A patched Windows attack surface is still exploitable
March 14, 2024
On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of this attack surface, according to a 2015 blog, is ...
- A bug in an Irish government website exposed COVID-19 vaccination records
March 14, 2024
Two years ago, the Irish government fixed a vulnerability in its national COVID-19 vaccination portal that exposed the vaccination records of around a million residents. But details of the vulnerability weren’t revealed until this week after attempts to coordinate public disclosure with the government agency stalled and ended. Security researcher Aaron Costello said he discovered the ...
- CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
March 13, 2024
The Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024, which exploited CVE-2024-21412 through the use of fake software installers. During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass CVE-2024-21412 that led ...
- Is Cybersecurity The Achilles’ Heel Of The Electric Vehicle Revolution?
March 12, 2024
The electric vehicle (EV) sector, though nascent and in its formative years, faces numerous challenges. Recent concerns, such as “range anxiety” (a vehicle battery’s charge and ability to complete a planned journey) among consumers and incidents of vehicles losing power in cold temperatures, have contributed to a slowdown in adoption. While the trajectory of electric vehicle ...
- Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities
March 8, 2024
On January 10, 2024, Ivanti published a security advisory regarding two vulnerabilities in Ivanti Connect Secure VPN. These vulnerabilities, which were exploited in the wild, are identified as CVE-2023-46805 and CVE-2023-21887. The exploitation of these vulnerabilities was quickly adopted by a number of threat actors, resulting in a broad range of malicious activities. Check Point Research ...