"U.S. CISA adds BeyondTrust software flaw to its known Exploited Vulnerabilities Catalog."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 20 December 2024, 1411 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check link or scroll down to read your selections.  Thanks for joining us today.

Security Affairs

69K followers24 articles per week#security#tech

10

Today

U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

2 TTPs

•

by Pierluigi Paganini / 2h

•

CVE-2024-12356

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw, tracked as CVE-2024-12356 (CV

Yesterday

Raccoon Infostealer operator sentenced to 60 months in prison

Ukrainian sentenced for cybercrime conspiracy

•

by Pierluigi Paganini / 4h

Raccoon Infostealer operator Mark Sokolovsky was sentenced to 60 months in US prison and ordered to pay over $910,000 in restitution. The US Department of Justice sentenced the Ukrainian national Mark Sokolovsky (28) for his role in the distribution of the Raccoon Infostealer malware . “Ukrainian national Mark Sokolovsky was sentenced today to 60 months in federal prison for one count of conspira

Mirai botnet targets SSR devices, Juniper Networks warns

9 TTPs

•

by Pierluigi Paganini / 21h

•

Juniper warns of Mirai botnet

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Juniper Networks is warning that a Mirai botnet is targeting Session Smart Router (SSR) products with default passwords. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. Threat actors

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Execution (Enterprise TA0002)

•

by Pierluigi Paganini / 23h

•

CVE-2023-34990

Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure. Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. “A relative path traversal [CWE-23] in FortiWLM may allow a remote, unauthenticated

CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army

3 TTPs

•

by Pierluigi Paganini / 1d

•

UAC-0125 spreads malware via Cloudflare

The Computer Emergency Response Team of Ukraine (CERT-UA) warns that the threat actor UAC-0125 abuses Cloudflare Workers services to target the Ukrainian army with Malware. The Computer Emergency Response Team of Ukraine (CERT-UA) warns that the threat actor UAC-0125 exploits Cloudflare Workers to target the Ukrainian military, spreading malware disguised as the mobile app Army+ app from Ukraine’

Dec 18, 2024

US considers banning TP-Link routers over cybersecurity concerns

5 TTPs

•

by Pierluigi Paganini / 1d

•

US considers banning TP-Link routers

The U.S. government may ban TP-Link routers in 2025 if investigations confirm their use could pose a national security risk. The U.S. government is investigating whether TP-Link routers, linked to cyberattacks, pose a national security risk, the Wall Street Journal reported . According to the WSJ, the U.S. government is considering banning TP-Link routers starting in 2025. TP-Link holds 65% of th

Russia-linked APT29 group used red team tools in rogue RDP attacks

9 TTPs

•

by Pierluigi Paganini / 1d

•

Earth Koshchei conducts rogue RDP attacks

Russia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian enti

Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677

2 TTPs

•

by Pierluigi Paganini / 1d

•

CVE-2024-53677

Researchers warn that threat actors are attempting to exploit a recently disclosed Apache Struts vulnerability CVE-2024-53677. Researchers warn that threat actors are attempting to exploit the vulnerability CVE-2024-53677 (CVSS score of 9.5) in Apache Struts. A remote attacker could exploit this vulnerability to upload malicious files, potentially leading to arbitrary code execution. “An attacker

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

by Pierluigi Paganini / 2d

Meta has been fined €251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta €251 million ($263M) for a 2018 data breach impacting 29 million Facebook accounts. “The Irish Data Protection Commission (DPC) has today announced its final decisions following two inquiries into Meta Plat

Dec 17, 2024

The Mask APT is back after 10 years of silence

10 TTPs

•

by Pierluigi Paganini / 2d

•

The Mask APT targets Latin America

Kaspersky researchers linked a new wave of cyber attacks to the cyber espionage group tracked as The Mask. Kaspersky researchers linked several targeted attacks to a cyber espionage group known as The Mask . The APT group targeted an organization in Latin America in 2019 and 2022. Threat actors accessed an MDaemon email server and used its WorldClient webmail component to maintain persistence wit

End of feed