Security Leftovers
-
The Register UK ☛ Samsung phone users exposed to EoP attacks, Google warns
The use-after-free vulnerability is tracked as CVE-2024-44068, and it affects Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920. It received an 8.1 out of 10 CVSS severity rating, and Samsung, in its very brief security advisory, describes it as a high-severity flaw. The vendor patched the hole on October 7.
While the advisory doesn't make any mention of attackers abusing the vulnerability, according to Googlers Xingyu Jin and Clement Lecigne, someone(s) has already chained the flaw with other CVEs (those aren't listed) as part of an attack to execute code on people's phones.
-
The Register UK ☛ Perfctl malware strikes again via Docker Remote API servers
So best shore up Docker Remote API servers now as Trend warns that exploiting these unprotected servers has "reached a critical level where the attention of an organization and its security professionals is seriously required."
-
Windows TCO
-
Kansas Reflector ☛ Kansas trial courts completing transition to centralized case management system
The October 2023 attack shut down Kansas’ electronic filing network for months and was linked to affiliates of a Russian-based ransomware organization.
“We promised to transform how our courts serve Kansans, but we didn’t anticipate the major challenges we would overcome getting to this day,” said Marla Luckert, chief justice of the Kansas Supreme Court.
Millions of dollars were spent fortifying the judicial system’s technology infrastructure to shield operations from criminal attacks and to make it more resilient during catastrophic events.
-