TheCyberThrone CyberSecurity Newsletter Top 5 Articles – April, 2024


Google Fixes Critical Vulnerability in Chrome – CVE-2024-4058

Google has addressed four vulnerabilities in its Chrome browser. The most critical of them is designated CVE-2024-4058. This flaw resides within ANGLE, a component of Chrome that translates graphics commands. If successfully exploited, it could allow attackers to execute arbitrary code on a victim’s machine, potentially leading to data theft, malware installation, or further system compromise.

Two other “high” severity vulnerabilities were also patched in this release:

  • CVE-2024-4059: An out-of-bounds read vulnerability in Chrome’s V8 JavaScript engine could potentially lead to the disclosure of sensitive information.
  • CVE-2024-4060: A use-after-free vulnerability in Dawn (Chrome’s WebGPU implementation) could be exploited for malicious purposes.

VMware Addressed Several Vulnerabilities in SD-WAN

VMware has released critical security patches to address multiple vulnerabilities in its SD-WAN solution. These vulnerabilities, if left unpatched, could present significant risks to organizations relying on VMware SD-WAN for managing their network connections.

The first vulnerability, tracked as CVE-2024-22246 with a CVSS score of 7.4, is an unauthenticated command injection flaw in the VMware SD-WAN Edge component. The second, tracked as CVE-2024-22247 with a CVSS score of 4.8, is a BIOS boot modification through physical access to an appliance. The third, tracked as CVE-2024-22248 with a CVSS score of 7.1, is an open redirect flaw.

ArcaneDoor Exploits Cisco ASA and FTD

Cisco has warned about a nation-state actor that has been actively targeting two previously unknown security vulnerabilities in Cisco products since November to breach government networks. The campaign, dubbed ArcaneDoor and tracked as UAT4356, was first detected by Cisco when it was contacted by a customer earlier this year. The customer reported suspicious activity on its Cisco Adaptive Security Appliances.

The first vector, designated CVE-2024-20353, is a vulnerability in the management and virtual private network web servers for Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software. It could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service condition.

The second vulnerability, designated CVE-2024-20359, affects a capability that allowed for the preloading of virtual private network clients and plug-ins and that is available in Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software. It could allow an authenticated, local attacker to execute arbitrary code with root-level privileges.

Ivanti Vulnerability Is Widespread – CVE-2024-21894

A recently patched Ivanti high-severity heap overflow vulnerability, tracked as CVE-2024-21894, could impact nearly 16,500 internet-exposed Ivanti Connect Secure and Policy Secure VPN gateways.

The largest number of vulnerable Ivanti endpoints worldwide is in the U.S., with 4,700, followed by Japan, the UK, Germany, and France, according to a Shadowserver search. Significant exposure was also found in China, the Netherlands, Spain, Canada, and India.

Oracle VirtualBox Vulnerability PoC Released – CVE-2024-21111

A security researcher has published a PoC exploit for a vulnerability in Oracle VirtualBox. This vulnerability affects VirtualBox versions before 7.0.16 and allows attackers with basic access to a Windows system running VirtualBox to escalate their privileges.

The vulnerability, tracked as CVE-2024-21111, stems from a flaw in how VirtualBox manages log files. Attackers can trick VirtualBox into misusing its high-level system privileges for deleting or moving files. This grants attackers the ability to manipulate critical files and potentially take complete control of the affected system.
