TheCyberThrone Security Week In Review – August 12, 2023
Share this:
TheCyberThrone
Security Week In Review
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, August 12, 2023.
1. CVE-2023-34034 – Spring WebFlux Vulnerability
Researchers have spotted a security flaw that has been found in Spring Security’s latest versions. The vulnerability tracked is a broken access control related, and as CVE-2023-34034, the flaw has a CVSS score of 9.8.Spring Security is an integral part of the Java-based Spring Framework, catering to robust authentication and access control.
With its broad user base, a security flaw within it could lead to devastating outcomes.An investigation on the vulnerability, conducted by researchers and described the exact nature of the flaw, its potential victims, and a proof-of-concept illustrating the scenarios in which this flaw could be triggered for unauthorized access
2. Abnormal Security Debuts CheckGPT
Abnormal Security has announced a new service called CheckGPT, specifically designed to detect artificial intelligence-generated email attacks.The service determines when email threats, including business email compromise and other socially engineered attacks, have likely been created using generative AI tools.
The security firm argues that cybercriminals are harnessing the power of generative AI, such as ChatGPT or its malicious counterpart, WormGPT, to craft compelling emails that evade traditional security measures. As generative AI becomes more widely adopted, there is a considerable increase in BEC attacks.
SUBSCRIBE TO OUR BLOG TODAY !
We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day
3. Windows Defender Pretender Attack
Microsoft has patched nearly 100 vulnerabilities in April 2023, and one among them was a security feature bypass vulnerability that allows an unprivileged user to hijack Windows Defender and use it to exploit the target systems. This was inspired by Flame espionage campaign that took place in Iran, way back in 2012.Researchers now uncovered issues with Windows Defender during an attempt to take over the antivirus tool’s update process.
The primary goal is to verify if the update process could be used to introduce malware into systems through EDR. Researchers also wanted to verify if they could get Windows Defender to delete signatures of known threats and to delete benign files and trigger a DoS condition on a compromised system.
4. Black Hat Las Vegas USA 2023 Summary
Here is the below content summarizing some of the announcements made by vendors at Black Hat USA conference in Las Vegas. 2023, including new products and services, updates to existing offerings, reports, and other initiatives.
5. Dublin Airport Stolen After Third-party Data Breach
Data of Dublin Airport employees were compromised after professional service provider Aon fell victim to a MOVEit Transfer attack. Dublin Airport notified local authorities and Ireland’s Data Protection Commission.Aon is the victim of the attacks exploiting the flaw CVE-2023-34362, affecting Progress Software’s MOVEit file transfer platform.DAA announced that it is assisting the impacted employees, Aon has yet to publish a public statement about the security breach
This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram
