Decades-Old Security Vulnerabilities Found in Ubuntu’s Needrestart Package – OfficialSarkar

Nov 20, 2024Ravie LakshmananLinux / Vulnerability Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges without requiring user interaction. The Qualys Threat Research Unit (TRU), which identified and reported the flaws early last month,…

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

Nov 20, 2024 | Ravie Lakshmanan | Cyber Espionage / Telecom Security

A new China-linked cyber espionage group has been linked to a series of targeted cyber attacks against telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection. Cybersecurity company CrowdStrike is tracking the adversary under the name Liminal…

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Nov 20, 2024 | Ravie Lakshmanan | Software Security / Vulnerability

Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information. “This vulnerability is remotely exploitable without authentication, i.e., it…

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Nov 20, 2024 | Ravie Lakshmanan | Zero Day / Vulnerability

Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below – CVE-2024-44308 – A vulnerability in JavaScriptCore that could lead to arbitrary code execution…

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Nov 19, 2024 | Ravie Lakshmanan | Cloud Security / Piracy

Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of…

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. “At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers…

Why Privileged Access Security Must Be a Top Priority

Nov 19, 2024 | The Hacker News | Insider Threat / Credential Security

Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rather than securing the accounts and users entrusted with it. This emphasis is perhaps due to the persistent challenges of Privileged Access Management (PAM) deployments. Yet, as the threat…

New ‘Helldown’ Ransomware Variant Expands Attacks to VMware and Linux Systems

Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. “Helldown deploys Windows ransomware derived from the LockBit 3.0 code,” Sekoia said in a report shared with The Hacker News. “Given the recent development of ransomware targeting ESX,…

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information. The adversaries, tracked as Salt Typhoon, breached the company as part of a “monthslong campaign” designed to harvest cellphone communications of “high-value intelligence targets.” It’s not clear what information…

VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

Nov 19, 2024 | Ravie Lakshmanan | Vulnerability / Data Security

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known…