Security and FUD Leftovers
-
Silicon Angle ☛ McDonald’s Instagram hacked to promote cryptocurrency scam featuring Grimace
The official Instagram account of McDonald’s Corp. was reportedly hacked today to promote a cryptocurrency scam named after the McDonald’s character Grimace.
-
CVE-2024-43398: DoS vulnerability in REXML
There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-43398. We strongly recommend upgrading the REXML gem.
When parsing an XML that has many deep elements that have same local name attributes.
It’s only affected with the tree parser API. If you’re using REXML::Document.new to parse an XML, you may be affected.
-
noyb ☛ noyb files two complaints against EU Parliament over massive data breach
-
Security Week ☛ CISA Warns of Exploited Vulnerabilities Impacting Dahua Products
CISA warns that attackers are exploiting two critical-severity authentication bypass vulnerabilities impacting multiple Dahua products.
-
Security Week ☛ Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira
Atlassian has released patches for nine high-severity vulnerabilities in Bamboo, Confluence, Crowd, and Jira products.
-
Security Week ☛ Oil Giant Halliburton Confirms Cyber Incident, Details Scarce
US oil giant Halliburton confirmed its computer systems were hit by a cyberattack that affected operations at its Houston offices.
-
Security Week ☛ Google Patches Sixth Exploited Chrome Zero-Day of 2024
Chrome 128 was released in the stable channel with patches for 38 vulnerabilities, including a V8 JavaScript engine flaw exploited in the wild.
-
LWN ☛ Security updates for Thursday
Security updates have been issued by AlmaLinux (.NET 8.0, bind, bind9.16, curl, edk2, firefox, gnome-shell, grafana, jose, krb5, libreoffice, mod_auth_openidc:2.3, orc, pcs, poppler, python-setuptools, python-urllib3, python3.11-setuptools, python3.12-setuptools, thunderbird, tomcat, and wget), Fedora (webkitgtk), SUSE (apache2, glib2, and roundcubemail), and Ubuntu (kernel, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-aws, linux-aws-hwe, linux-bluefield, linux-hwe-5.15, linux-raspi-5.4, and qemu).
-
Security Week ☛ China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches
Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level.
-
Ruben Schade ☛ Generative Hey Hi (AI) is a security vulnerability
Thomas Claburn, writing for The Register:
“Slack Hey Hi (AI) uses the conversation data already in Slack to create an intuitive and secure Hey Hi (AI) experience tailored to you and your organization,” the messaging app provider explains in its documentation.
Except it’s not that secure, as PromptArmor tells it. A prompt injection vulnerability in Slack Hey Hi (AI) makes it possible to fetch data from private Slack channels.
-
Fear, Uncertainty, Doubt/Dramatisation
-
Security Week ☛ Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware [Ed: Old, largely irrelevant, still a source of FUD]
More than two years after the Log4j crisis, organizations are still being hit by crypto-currency miners and backdoor scripts.
-
Critical SLUBStick Exploitation Technique Threatens Linux Security [Ed: Only privilege escalation]
A new and highly-effective cross-cache attack named SLUBStick has emerged, targeting the Linux kernel with a remarkable 99% success rate in transforming a limited heap vulnerability into an arbitrary memory read-and-write capability. This allows attackers to elevate privileges or even escape containerized environments, posing significant risks to Linux systems.
It works by tricking the kernel into reusing memory in a specific way, giving attackers complete control over the system. Researchers have tested SLUBStick on multiple Linux versions and found it highly effective, even when the kernel has the latest security protections in place.
-