October 23, 2024 at 08:25PM Google security researchers identified a critical vulnerability (CVE-2024-44068) in Samsung’s Exynos mobile chips, allowing attackers to escalate privileges and remotely execute code. The flaw, rated 8.1 on the CVSS scale, affects multiple processor versions. Samsung issued a patch on October 7, but in-the-wild exploits have already emerged. ### Meeting Notes … Read more
October 22, 2024 at 05:38PM A critical zero-day vulnerability (CVE-2024-44068) in Samsung’s mobile processors allows arbitrary code execution. Discovered in the m2m scaler driver, it received an 8.1 CVSS score and was patched in October 2024. Reported by Google researchers, it includes privilege escalation and anti-forensic measures. **Meeting Takeaways:** 1. **Discovery of Vulnerability**: A zero-day … Read more
October 22, 2024 at 08:52AM A zero-day vulnerability in Samsung mobile processors has been exploited, enabling arbitrary code execution. Google has issued a warning about this security threat, highlighting the ongoing risks associated with the exploit. **Meeting Notes Takeaways:** 1. **Incident Overview**: A zero-day vulnerability in Samsung mobile processors has been identified and is currently … Read more
September 27, 2024 at 09:24AM New security vulnerabilities in CUPS on Linux systems permit remote command execution. Attackers can exploit these issues to install fake printers and execute malicious code, potentially leading to data theft or system damage. The vulnerabilities affect RHEL but do not impact Palo Alto Networks products. Patches are forthcoming, and temporary … Read more
January 31, 2024 at 02:16PM A proof-of-concept (PoC) exploit for CVE-2023-45779, a local privilege elevation flaw affecting seven Android OEMs, has been publicly released on GitHub by Meta’s Red Team X. The flaw, addressed in Android’s December 2023 security update, results from insecure signing of APEX modules. Devices with the 2023-12-05 security patch are protected. … Read more
January 12, 2024 at 05:43PM The Cybersecurity and Infrastructure Security Agency (CISA) added a critical privilege escalation vulnerability, CVE-2023-29357, affecting Microsoft SharePoint servers to its list of Known Exploited Vulnerabilities (KEV). This vulnerability, rated 9.8 out of 10, allows attackers to bypass authentication and gain administrative access. Despite a June patch, active exploitation continues, as … Read more
January 12, 2024 at 02:47PM CISA warned of active exploitation of critical Microsoft SharePoint vulnerabilities, including CVE-2023-29357, which allows attackers to gain admin privileges using spoofed JWT tokens. When chained with another bug, remote code execution is possible. These exploits have gained attention after a successful demo at the Pwn2Own contest, leading to the release … Read more
January 11, 2024 at 04:01AM A pair of zero-day flaws in Ivanti Connect Secure (ICS) and Policy Secure have been exploited by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity identified the activity and attributed it to a hacking group it tracks under the name UTA0178. Patches are expected to … Read more
November 13, 2023 at 12:29PM CISA has warned federal agencies to secure Juniper devices on their networks by Friday due to four vulnerabilities that are being actively exploited. Juniper has acknowledged successful exploitation of these vulnerabilities and has urged customers to upgrade immediately. Over 10,000 Juniper devices with vulnerable interfaces have been exposed online. CISA … Read more
November 1, 2023 at 02:11AM F5 has warned of active exploitation of a critical security flaw in BIG-IP, allowing attackers to execute arbitrary system commands. The vulnerability, tracked as CVE-2023-46747, affects several versions of the software. Additionally, F5 has observed threat actors using this vulnerability in conjunction with CVE-2023-46748, an authenticated SQL injection flaw. Users … Read more