Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending January, 2024
Subscribers favorite #1
Jenkins fixes critical RCE Vulnerability – CVE-2024-23897
Jenkins has released the patch for a critical vulnerability that could result in remote code execution. The vulnerability tracked as CVE-2024-23897, with a CVSS score of 9.8, resides within Jenkins’ built-in command line interface (CLI), has sent ripples of concern across the IT landscape. This vulnerability, with a CVSS score of 9.8, opens the door to arbitrary file reads the CLI, potentially culminating in remote code execution.
Subscribers favorite #2
Microsoft Patch Tuesday -January 2024
Microsoft patched 49 CVEs in its January 2024 Patch Tuesday release, with two rated critical and 46 rated as important. For the second straight month, Microsoft did not patch any zero-day vulnerabilities that were exploited or publicly disclosed.
Vulnerabilities Category
- 10 Elevation of Privilege Vulnerabilities
- 7 Security Feature Bypass Vulnerabilities
- 12 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 6 Denial of Service Vulnerabilities
- 3 Spoofing Vulnerabilities
Subscribers favorite #3
Microsoft Outlook Exploit leads to NTLM V2 Password Breach -CVE-2023-35636
Security researchers have unveiled three methods of exploitation to access NTLM v2 hashed passwords. Among these vulnerabilities, one stands out as particularly critical: CVE-2023-35636, an Outlook exploit that exposes sensitive information.
CVE-2023-35636 is a security vulnerability found in Microsoft Outlook, specifically in the calendar sharing function. This exploit enables attackers to intercept NTLM v2 hashes, which are used for authentication in Microsoft Windows systems. NTLM v2, although more secure than its predecessor, is still susceptible to offline brute-force and authentication relay attacks.
SUBSCRIBE TO OUR BLOG TODAY !
We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day
Subscribers favorite #4
Atlassian fixes RCE in Confluence Data Center – CVE-2023-22527
Atlassian has addressed a critical vulnerability that resides in Confluence Data Center and Confluence Server, that could lead to a remote code execution. The vulnerability tracked as CVE-2023-22527 with a CVSS score of 10, a Remote Code Execution vulnerability, that allows an attacker to run arbitrary code on a victim’s system remotely.
A template injection vulnerability on out-of-date versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected version. CVE-2023-22527 affects certain versions of Confluence Data Center and Server. Specifically, versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0-8.5.3, released before December 5, 2023, are at risk.
Subscribers favorite #5
Medusa ransomware adds Kansas KCATA to its victims list
The Kansas City Area Transportation Authority (KCATA) has suffered a ransomware attack on January 23. 2024. The Kansas City Area Transportation Authority (KCATA) is a public transit agency in metropolitan Kansas City. It has disclosed the attack on January 24 and immediately launched an investigation into the incident and notified appropriate authorities. The company hired external experts to restore impacted systems.
The KCATA states that the incident is not affecting its services, including fixed-route buses, as well as the Freedom and Freedom-On-Demand paratransit services.
This brings end of this month in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram