Category: Threat Intelligence

  • Analysis of CVE-2024-31497: Biased ECDSA Nonce Generation in PuTTY

    CVE-2024-31497 is a critical vulnerability in PuTTY SSH client versions 0.68 to 0.80, allowing recovery of a user’s private key due to biased nonce generation. Attackers can exploit this, posing serious threats. Several applications are also affected. Users must upgrade, revoke vulnerable keys, and update dependent applications to mitigate the risk and prevent breaches.

  • Palo Alto Networks Acts on Zero-Day Vulnerability in PAN-OS Firewalls

    Palo Alto Networks has released critical updates to fix a zero-day vulnerability (CVE-2024-3400) in its firewall operating system PAN-OS. The flaw allows unauthenticated attackers to gain root access through command injection in the GlobalProtect gateway/portal. Hotfixes are available, and customers are advised to apply mitigation measures. The U.S. CISA has also mandated actions to address…

  • Sequence of Events and Strategic Overview of the XZ Compression Library Backdoor

    The XZ Compression Backdoor Timeline details a supply chain attack on the xz compression library by “Jia Tan,” who gained trust and eventually inserted a backdoor, affecting systems using the library. The attack was detected in March 2024, prompting industry response and highlighting vulnerabilities in open source supply chain security.

  • The HTTP/2 Continuation Flood: A New Era of Denial-of-Service Threats Emerges

    Cybersecurity expert Bartek Nowotarski revealed a new denial-of-service (DoS) attack strategy, the HTTP/2 Continuation Flood, posing a severe threat to organizations. Numerous vulnerabilities within HTTP/2 implementations have been identified, each with distinct CVE identifiers, presenting a range of DoS exploits. Immediate assessment, patching, enhanced monitoring, collaboration and sharing, and vendor communication are essential for protection.

  • CVE-2024-3094: The Backdoor Impacting Versions 5.6.0 and 5.6.1 of XZ Utils

    A recent backdoor in xz/liblzma has raised concerns in the software industry. The culprit, who posed as a benign contributor, managed to introduce vulnerabilities into the open-source software. The security community has since taken action, but the incident highlights the challenges of open-source development.

  • Netizen Cybersecurity Bulletin (March 31st, 2024)

    Online retailer PandaBuy was compromised, exposing 1.3 million customers’ data, prompting users to change passwords and enable two-factor authentication. Similarly, a ransomware attack affected over 2.8 million individuals through a Massachusetts health insurer, triggering lawsuits and the offer of credit monitoring.

  • Netizen: March 2024 Vulnerability Review

    Security vulnerabilities pose a significant threat to businesses. Netizen’s Security Operations Center (SOC) has identified five critical vulnerabilities from March. These include RCE vulnerabilities in Microsoft Windows Hyper-V and Open Management Infrastructure, as well as EoP vulnerabilities in Microsoft’s Azure Kubernetes Service and desktop versions of Firefox. Immediate patching or mitigation is essential.

  • Sam Bankman-Fried’s 25-Year Sentencing: The Necessity for Stronger AML and CFT Regulations in Cryptocurrency

    Sam Bankman-Fried, founder of the defunct cryptocurrency exchange FTX, has been sentenced to 25 years in prison for extensive financial misconduct. The case highlights the urgency of enhanced Anti-Money Laundering (AML) and Countering Financing of Terrorism (CFT) measures in the cryptocurrency sector. The industry must strengthen AML/CFT protocols and collaboration with regulators to ensure market…

  • CISA Alerts on Newly Exploited Microsoft SharePoint Vulnerability: CVE-2023-24955

    The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog to include CVE-2023-24955, a high-severity Remote Code Execution (RCE) vulnerability in Microsoft SharePoint Server. This vulnerability, coupled with CVE-2023-29357, poses a significant threat, demanding immediate mitigation efforts to prevent potential cyberattacks. CISA urges all organizations to prioritize remediation.

  • The Poisoned Colorama Package Attack that Affected a Community of over 170,000 Members

    A cyberattack campaign targeted the software supply chain, affecting Top.gg GitHub and individual developers. Attackers used multiple techniques including account takeovers, submission of malicious code through verified commits, and the creation of a fake Python mirror. The campaign involved sophisticated tactics such as typosquatting, social engineering, and obfuscation.