CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool: A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a 10x surge, adding it includes "mass scanning, exploiting multiple vulnerabilities, and placing backdoors using multiple [open-source software] https://lnkd.in/gPQKfCA6
Security Chronicle’s Post
More Relevant Posts
-
CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool: A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a 10x surge, adding it includes "mass scanning, exploiting multiple vulnerabilities, and placing backdoors using multiple [open-source software] https://lnkd.in/g2zm8Z45
-
#IoTSecurity #Vulnerabilities Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar. The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek. https://lnkd.in/gYRz6HvG
-
Multiple critical security flaws have been identified in Judge0, an open-source online code execution system. These vulnerabilities could allow attackers to escape the sandbox environment, gain root access, and take complete control of the host machine. The disclosed vulnerabilities include symlink exploitation, patch bypass issues, and a Server-Side Request Forgery (SSRF) that enables remote code execution as root.
-
Fortinet's recently tracked CVE-2024-21762 #zerodayvulnerability in FortiOS and FortiProxy that allows attackers to execute arbitrary code through specially crafted HTTP requests shows no signs of any large-scale. However, GreyNoise, which conducted the technical analysis of the #zerodayvulnerability, has been tracking the CVE-2024-21762 exploitation attempts and its #honeypot is yet to see any attacks. https://lnkd.in/gf-A3H2e
-
#BHEU Briefing "Breaking Matter: Vulnerabilities in the Matter Protocol" describes a new type of attack, namely the Delayed Denial of Service (DeeDoS), which gives an attacker, outside of a fabric, the ability to disable devices. To help solve and to further motivate other researchers to delve into the topic, we will explore Matter's core security constructions and present two vulnerabilities. Register now >> https://bit.ly/3YjB6A0
-
Hewlett Packard Enterprise (HPE) has released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities (CVE-2024-42509 and CVE-2024-47460) in Aruba Networking Access Points. These flaws allow remote attackers to perform unauthenticated command injection by sending specially crafted packets to Aruba’s Access Point management protocol (PAPI) over UDP port 8211. Check out more of the weekly Vulnerabilities: https://lnkd.in/dZpCUp33
11th November – Threat Intelligence Report - Check Point Research
research.checkpoint.com
-
🔍 ReliaQuest recently responded to detections from an endpoint detection and response (EDR) tool signaling the beginning of a ransomware attack by the Medusa group. The Medusa group exploited unpatched vulnerabilities and hijacked accounts via compromised VPNs, NTDS dumps, and RDP for lateral movement. This report highlights Medusa's reliance on common tactics, techniques and procedures (TTPs). Learn how to protect your organization with robust VPN configurations, enhanced endpoint visibility, and automated response mechanisms. https://bit.ly/3RO6d2C
-
There are multiple stack-based buffer overflow vulnerabilities in V-SFT (v6.2... There are multiple stack-based buffer overflow vulnerabilities in V-SFT (v6.2.2.0 and earlier), TELLUS (v4.0.19.0 and earlier), and TELLUS Lite (v4.0.19.0 and earlier). If a user opens a specially... https://lnkd.in/gKtMt6ed
There are multiple stack-based buffer overflow vulnerabilities in V-SFT (v6.2...
cybrmonk.com
-
D-Link Warns of Botnets Exploiting End-of-Life Routers | Source: https://lnkd.in/gr9BTEPn D-Link warned users of several legacy router models about known vulnerabilities actively exploited by botnets.
D-Link Warns of Botnets Exploiting End-of-Life Routers
https://gbhackers.com