
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – March, 2024


Mozilla Fixes Critical Vulnerability in Firefox – CVE-2024-2615

Mozilla has released security patches for both its Firefox browser (Firefox 124, Firefox ESR 115.9) and Thunderbird email client (Thunderbird 115.9), addressing 14 vulnerabilities that could leave users open to severe attacks.

These flaws include a critical remote code execution vulnerability, as well as several high-risk bugs that could let attackers escape security sandboxes, trigger system crashes, steal data, or manipulate settings. The most critical vulnerability, tracked as CVE-2024-2615, allows attackers to potentially run malicious code on your computer without your knowledge or interaction.


Lazarus Group Exploits Windows Kernel Vulnerability – CVE-2024-21338

Avast has uncovered details surrounding a zero-day exploit actively used by the Lazarus Group, targeting a vulnerability in the Windows appid.sys driver. This kernel-level vulnerability allowed attackers to deploy an advanced, stealthy rootkit, named “FudModule.”

This vulnerability, hidden within the depths of the `appid.sys` AppLocker driver and tracked as CVE-2024-21338 with a CVSS score of 7.8, emerged as a Windows Kernel Elevation of Privilege Vulnerability. The exploit required an attacker to have initial access to the system, from where they could launch a specially designed application to leverage this vulnerability, aiming to gain SYSTEM privileges.


Atlassian Fixes Critical Vulnerability in Bamboo – CVE-2024-1597

Atlassian released patches to address multiple vulnerabilities in its Bamboo, Bitbucket, Confluence, and Jira products. The most severe vulnerability, tracked as CVE-2024-1597 with a CVSS score of 10, is a SQL injection flaw that impacts the org.postgresql:postgresql third-party dependency of Bamboo Data Center and Server.

This vulnerability in the org.postgresql:postgresql dependency could allow an unauthenticated attacker to expose assets in your environment that are susceptible to exploitation. It has a high impact on confidentiality, integrity, and availability (CIA) and requires no user interaction.

Microsoft Copilot for Security GA soon

Microsoft is ready to launch Copilot for Security, a GPT-4-powered program designed to help cybersecurity workers investigate and stop hacks. For a year, it was in the preview stage where companies tried using the product.

Copilot for Security will be available for all customers globally on April 1. It is a standalone product featuring plugin support so it can receive data from third-party cybersecurity products. The program can also connect to Microsoft’s existing cloud security offerings, including Microsoft Defender 365, and provide protection.


Red Hat Warning on Fedora Linux – CVE-2024-3094

Red Hat’s Information Risk and Security and Product Security teams have identified a critical vulnerability in the latest versions of the ‘xz’ compression tools and libraries. The affected versions, 5.6.0 and 5.6.1, contain malicious code that could potentially allow unauthorized access to systems. Fedora Linux 40 users and those using Fedora Rawhide, the development distribution for future Fedora builds, are at risk.

The vulnerability, tracked as CVE-2024-3094, impacts users who have updated to the compromised versions of the xz libraries. Red Hat urges all Fedora Rawhide users to immediately cease using the distribution for both work and personal activities until the issue is resolved. Plans are underway to revert Fedora Rawhide to the safer xz-5.4.x version, after which it will be safe to redeploy Fedora Rawhide instances.
