2024, Authentication and Firmware - Cyber Security Informer

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Firmware

Firmware Authentication Engineering Hacking

CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JUNE 14, 2024

CVE-2024-26169 is an elevation of privilege issue in the Microsoft Windows Error Reporting Service that can be exploited to could gain SYSTEM privileges. CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality.

Firmware

Firmware Authentication Hacking Cybersecurity

Zyxel addressed three RCEs in end-of-life NAS devices

Security Affairs

JUNE 5, 2024

Below is the list impacting the Zyxel NAS devices: CVE-2024-29972 : This command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. 13)C0 and older.

Firmware

Firmware Authentication Manufacturing Hacking

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 17, 2024

CVE-2021-40655 An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. CISA orders federal agencies to fix these vulnerabilities by June 6, 2024. Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.

Firmware

Firmware Authentication Passwords Hacking

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

JUNE 10, 2024

June 3, 2024 Exploit Chain Enables RCE in Progress Telerik Report Servers Type of vulnerability: Chained remote code execution. The exploit combines an authentication bypass ( CVE-2024-4358 ) with a deserialization issue ( CVE-2024-1800 ). The fix: Zyxel issued firmware patches 5.21(AAZF.17)C0

Malware

Malware Authentication Software Telecommunications

VulnRecap 1/16/24 – Major Firewall Issues Persist

eSecurity Planet

JANUARY 16, 2024

January 10, 2024 Thousands of WordPress Sites Vulnerable to Malware Injection Type of vulnerability: Cross-site scripting flaw in Popup Builder that allows a malware injection. This vulnerability is tracked as CVE-2024-21591. Potential results of the exploits include authentication bypass and command injection. Versions 9.x

Firewall

Firewall Firmware IoT Authentication

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

eSecurity Planet

MAY 20, 2024

May 10, 2024 Vulnerability in Python Package Affects AI Models Type of vulnerability: Template injection in Python package. The vulnerability is tracked as CVE-2024-34359 and has a severity rating of 4.0. doesn’t always require authentication for SSID during a Wi-Fi session.

VPN

VPN Firmware Malware Software

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

eSecurity Planet

JANUARY 22, 2024

January 16, 2024 Open-Source UEFI Implementation Sees 9 Vulnerabilities Type of vulnerability: Weaknesses in the network boot process of UEFI’s network implementation. The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities.

Authentication

Authentication Malware VPN Mobile

Impacts on ICS from the updated Cyber Assessment Framework (CAF)

Pen Test Partners

MAY 16, 2024

On 18th April 2024 NCSC announced the latest iteration of the CAF with version 3.2. Those three material changes Two of these changes relate to the Identity and Access Control Principle and in particular the Identity Verification, Authentication and Authorisation CO. What has changed in the CAF?

Authentication

Authentication Software Firmware Accountability

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

” In February 2024, a court order allowed US authorities to neutralize the Moobot botnet, a network of hundreds of small office/home office (SOHO) routers under the control of the Russia-linked group APT28. Upgrade to the latest firmware version. Additionally, the actors have strategically targeted many individuals in Ukraine.”

Energy and Utilities

Energy and Utilities Government Firewall Malware

An educational robot security research

SecureList

FEBRUARY 27, 2024

However, we decided not to update the toy immediately in order to explore what could be extracted from the older firmware version. ADB Activation We analyzed the configuration files contained in the firmware memory chip and found a setting called “ENABLE_ADB=N.” This was the first security-related issue we discovered.

Education

Education Manufacturing Firmware Internet

12 Essential Risk Mitigation Strategies for 2024

Centraleyes

JUNE 11, 2024

12 Risk Mitigation Measures for 2024 In the next section, we draw upon insights from the National Security Agency (NSA) to explore top-tier risk reduction strategies. Additionally, ensure that updates are authentic and delivered over secure channels to maintain the integrity of software installations.

Risk

Risk Cyber Insurance Insurance Authentication

EU to Force IoT, Wireless Device Makers to Improve Security

eSecurity Planet

NOVEMBER 1, 2021

Once in place, manufacturers will have 30 months to begin meeting the new legal requirements, giving them until mid-2024 to bring the devices into compliance. New vulnerabilities are created every day by cybercriminals, leading to many IoT devices being installed with out-of-date firmware and other exploitable vulnerabilities.”.

Wireless

Wireless IoT Manufacturing Mobile

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

GitHub Enterprise Server and GitLab patched their authentication bypass and XSS issues. May 20, 2024 Critical QNAP NAS Vulnerability Exposes Devices to RCE Type of vulnerability: Stack buffer overflow. The fix: QNAP has released an emergency upgrade ( QTS 5.1.7.2770 version 20240520 ) that addresses CVE-2024-27130 and other issues.

Backups

Backups Authentication DDOS Engineering

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP client to address the issues. Tel Aviv, Israel – Jan.

IoT

IoT InfoSec Firmware Manufacturing

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. Cryptographic keys on the device or pod.

IoT

IoT Firmware Mobile Manufacturing

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. globally, +19.8%

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect. February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. The fix: Apply Windows patches ASAP.

IoT

IoT Internet Internet Ransomware

Cyber Security Informer

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

Trending Sources

Zyxel addressed three RCEs in end-of-life NAS devices

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

VulnRecap 1/16/24 – Major Firewall Issues Persist

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

Impacts on ICS from the updated Cyber Assessment Framework (CAF)

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

An educational robot security research

12 Essential Risk Mitigation Strategies for 2024

EU to Force IoT, Wireless Device Makers to Improve Security

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

IoT Secure Development Guide

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Stay Connected