Information from Wednesday afternoon to Thursday morning. News/Intelligence/IOCs Stories CISA Adds Three Known Exploited Vulnerabilities to Catalog – LINK Nearly Two-Thirds of Ransomware Victims Paid Ransoms Last Year, Finds “2022 Cyberthreat Defense Report” – LINK WatchGuard waited 11 months to explicitly disclose critical flaw exploited by Sandworm – LINK New FFDroider malware steals Facebook, Instagram, […]
News/Intelligence/IOCs Stories New AcidRain data wiper malware targets modems and routers – LINK Chinese hacking group uses new ‘Fire Chili’ Windows rootkit – LINK Researchers used a decommissioned satellite to broadcast hacker TV – LINK Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks – LINK The Windows Update policies you should set and why […]
LINK A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic.
LINK The bug (CVE-2022-0492) exists in the Linux kernel’s “cgroup_release_agent_write” feature, which is found in the “kernel/cgroup/cgroup-v1.c” function. Time to look at updating.
LINK Thanks to Qualys for finding this. Polkit, a more fine-grained way of delegating access on Linux machines, has been found to have a 12-year-old vulnerability allowing for execution of code.
LINK As always, examine whether this Linux update is needed; if so, take a moment to update.
LINK Updates have already been released; time to look at updating your systems.
LINK If you use the NUC, time to update. If you have Intel network cards for Linux, examine whether you need to update.
LINK A problem that has existed since 2014 has been found. Time to check whether your distro is affected (most likely it is).
LINK “This vulnerability potentially allowed actors with access to a well-formed SAML response for an organization–typically authenticated users, but potentially compromised endpoints or malicious proxies–to modify their identity and impersonate another user within the same organization,” Akamai explained.