
Welcome to TheCyberThrone's cybersecurity month in review, covering the important security happenings of the period. This review is for the month ending September 2023.
Subscribers favorite #1
Adobe Patches a Zero Day Bug – CVE-2023-26369
Adobe has urgently shipped a security update addressing a dire flaw in Adobe Acrobat and Reader. If left unpatched, this critical vulnerability could set the stage for arbitrary code execution, giving attackers a potential backdoor into your system. The issue isn't restricted to a single OS either: it affects both Windows and macOS systems.
Tracked as CVE-2023-26369, this zero-day vulnerability stems from an out-of-bounds write weakness. In layman's terms, attackers leveraging this flaw can run malicious code on your device without your consent.
Adobe's security bulletin highlights the gravity of the situation: "Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader."…
Subscribers favorite #2
Craft CMS Critical RCE Bug – CVE-2023-41892
Researchers have recently disclosed CVE-2023-41892, a remote code execution flaw in the Craft CMS application.
CVE-2023-41892 is a bug in Craft CMS that can grant malicious actors the ability to execute arbitrary code on the server where the CMS is hosted. The vulnerability has a CVSS score of 10, which signifies that it is not only easy to exploit because of its low attack complexity, but can also be triggered remotely and requires no authentication on the target system, making it a prime target for attackers.
The developers have already addressed this vulnerability in version 4.4.15 and, as far as is known, have confirmed that they have not detected any attacks taking advantage of CVE-2023-41892. With the information now public, the number of attempts is likely to increase…
Subscribers favorite #3
3AM Ransomware Dissection
A new ransomware strain dubbed "3AM" has been detected in an incident in which an attempt to infect the victim with LockBit ransomware had been blocked.
3AM ransomware is written in the Rust programming language and is new to the threat landscape. It attempts to stop multiple services on the infected computer before it begins encrypting files. Once encryption is complete, it attempts to delete Volume Shadow Copies.
The threat actors behind the attack are unknown. They were observed using the gpresult command to dump the policy settings enforced on the computer for a specified user. The attacker also used Cobalt Strike components and attempted to escalate privileges on the targeted computer using PsExec. Various other reconnaissance commands were used, and the attacker also added a new user for persistence…
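Detection logic for the behaviours this write-up lists (service stops, shadow-copy deletion, gpresult reconnaissance, PsExec use, account creation), as an added example that is not from the original article or the referenced research. The command-line patterns, host names and sample telemetry are constructed assumptions for illustration, not indicators taken from the report; the correlation rule flags a host only when several of these behaviours cluster in one time window.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Behaviours the write-up attributes to the 3AM intrusion, each keyed to a regex over the
# process command line. Patterns are illustrative assumptions, not indicators from the research.
BEHAVIOURS = {
    "service_stop": re.compile(r"\b(net\s+stop|sc\s+stop)\b", re.I),
    "shadow_copy_delete": re.compile(r"vssadmin.*delete\s+shadows|wmic.*shadowcopy\s+delete", re.I),
    "policy_recon": re.compile(r"\bgpresult\b", re.I),
    "remote_exec": re.compile(r"\bpsexec", re.I),
    "user_add": re.compile(r"\bnet\s+user\b.*\s/add\b", re.I),
}

def classify(cmdline):
    """Return the set of behaviour names whose pattern matches one command line."""
    return {name for name, rx in BEHAVIOURS.items() if rx.search(cmdline)}

def correlate(events, window_minutes=60, threshold=3):
    """Flag each host on which >= threshold distinct behaviours occur inside one time window."""
    # A lone gpresult or service stop is routine admin noise; the combination is the signal.
    by_host = defaultdict(list)
    for ev in events:
        tags = classify(ev["cmdline"])
        if tags:
            by_host[ev["host"]].append((datetime.fromisoformat(ev["ts"]), tags))
    window = timedelta(minutes=window_minutes)
    alerts = {}
    for host, hits in by_host.items():
        hits.sort(key=lambda h: h[0])
        for i, (start, _) in enumerate(hits):  # slide the window, using each hit as its start
            seen = set()
            for ts, tags in hits[i:]:
                if ts - start > window:
                    break
                seen |= tags
            if len(seen) >= threshold:
                alerts[host] = seen
                break
    return alerts

# Constructed sample process-creation telemetry, not data from the report.
SAMPLE_EVENTS = [
    {"ts": "2023-09-12T03:01:10", "host": "ws01", "cmdline": "gpresult /r /z /user svc_admin"},
    {"ts": "2023-09-12T03:04:22", "host": "ws01", "cmdline": "PsExec64.exe -s \\\\ws01 cmd.exe"},
    {"ts": "2023-09-12T03:05:01", "host": "ws01", "cmdline": "net user svc_backup * /add"},
    {"ts": "2023-09-12T03:06:40", "host": "ws01", "cmdline": "net stop MSSQLSERVER /y"},
    {"ts": "2023-09-12T03:07:15", "host": "ws01", "cmdline": "vssadmin.exe delete shadows /all /quiet"},
    {"ts": "2023-09-12T09:30:00", "host": "ws02", "cmdline": "gpresult /h report.html"},
]
```

Running `correlate(SAMPLE_EVENTS)` flags only ws01, where all five behaviours fall within six minutes; the single gpresult on ws02 stays below the threshold.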
Subscribers favorite #4
Chrome Zeroday – CVE-2023-4863 PoC Exploit Released
PoC exploit code for a Chrome zero-day vulnerability tracked as CVE-2023-4863, which allows remote attackers to execute code, has been published. The vulnerability can be exploited if the target user visits a specially crafted web site: a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Researcher Ben Hawkes released an analysis of CVE-2023-4863, and researcher mistymntncop released a PoC. The heart of this vulnerability resides in Huffman coding, an algorithm that WebP uses to achieve lossless image compression. In an ideal world, this process would be flawless. However, the vulnerability emerged from an overflow of the Huffman table when decoding an image…
Subscribers favorite #5
Cuba Ransomware Latest Tactics Analysis
Researchers have published research into the activities of the notorious Cuba ransomware group, which targets organizations worldwide across various industries.
The group has changed names several times since its inception. It has used the following aliases:
- ColdDraw
- Tropical Scorpius
- Fidel
- Cuba
Back in December 2022, researchers detected a suspicious incident on a client's system. This initial discovery unearthed three mysterious files that led to the activation of the komar65 library, also referred to as BUGHATCH…
This brings an end to this month's security review coverage. Thanks for visiting TheCyberThrone. If you like us, please follow us on Facebook, Twitter and Instagram.