Microsoft NTLM Zero-Day to Remain Unpatched Until April

The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice.

darkreading

Millionaire Airbnb Phishing Ring Busted Up by Police

Scammers set up call centers in luxury rentals to run bank help-desk fraud, as well as large-scale phishing campaigns, across at least 10 European countries, according to law enforcement.

darkreading

Critical Windows Zero-Day Alert: No Patch Available Yet for Users

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day.…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Defending SOCs Under Siege: Battling Adversarial AI Attacks

Fortifying SOC operations against adversarial AI attacks


With 77% of enterprises victimized by adversarial AI, the question isn’t if your Security Operations Center (SOC) will be targeted—it’s when.

Security News | VentureBeat

Police Arrest UHC CEO Shooting Suspect, App Developer Luigi Mangione

Luigi Mangione, a 26-year-old graduate of the University of Pennsylvania, was apprehended on Monday after visiting a McDonald’s in Altoona, Pennsylvania.

Security Latest

Attackers Can Use QR Codes to Bypass Browser Isolation

Researchers demonstrate a proof-of-concept cyberattack vector that gets around remote, on-premises, and local versions of browser isolation security technology to send malicious communications from an attacker-controlled server.

darkreading

MC LR Router and GoCast unpatched vulnerabilities

Cisco Talos’ Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service. 

These vulnerabilities have not been patched at the time of this posting.

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.  

MC Technologies OS command injection vulnerabilities 

Discovered by Matt Wiseman of Cisco Talos. 

The MC-LR Router from MC Technologies supports IPsec and OpenVPN implementations, firewall capabilities, remote management via HTTP and SNMP, and configurable alerting via SMS and email. It comes in two-port and four-port variants, including models that support transparent serial-to-TCP translations and 1-in/1-out digital I/O.

Talos recently published two advisories detailing OS command injection vulnerabilities discovered in the MC-LR Router from MC Technologies. TALOS-2024-1953 covers three vulnerabilities (CVE-2024-28025 through CVE-2024-28027), which are reachable through the I/O configuration functionality of the web interface. TALOS-2024-1954 covers one vulnerability (CVE-2024-21786) in the importation of uploaded configuration files. All vulnerabilities may be triggered with an authenticated HTTP request. 

GoCast authentication and OS command injection vulnerabilities 

Discovered by Edwin Molenaar and Matt Street of Cisco Meraki. 

The GoCast tool provides BGP routing for advertisements from a host; it is commonly used for anycast-based load balancing for infrastructure service instances available in geographically diverse regions.  

The GoCast HTTP API allows the registration and deregistration of apps without requiring authentication, shown in TALOS-2024-1962 (CVE-2024-21855). The lack of authentication can be used to exploit TALOS-2024-1960 (CVE-2024-28892) and TALOS-2024-1961 (CVE-2024-29224), leading to OS command injection and arbitrary command execution. 

Cisco Talos Blog

Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

The CVE-2024-54143 vulnerability affects the OpenWrt sysupgrade server and exposes users to risks of installing malicious firmware images.

SecurityWeek

Medical device company says shipping processes disrupted by ransomware attack

Atlanta-based Artivion filed documents with the Securities and Exchange Commission saying that a pre-Thanksgiving ransomware attack was disrupting its delivery systems.

The Record from Recorded Future News

Phishers Impersonating Police Arrested in Multi-Million Euro Scam

Summary: A massive phishing operation that targeted victims across Europe has been dismantled, thanks to a joint effort…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News