
Welcome to TheCyberThrone cybersecurity week in review, covering the important security happenings. This review is for the week ending Saturday, August 17, 2024.
Microsoft Patch Tuesday-August 2024
Microsoft patched 90 CVEs in its August 2024 Patch Tuesday release, with seven rated critical, 82 rated as important, and one rated as moderate.
This includes updates for vulnerabilities in Microsoft Office and Components, Microsoft Windows DNS, Windows TCP/IP, Microsoft Teams, Windows Secure Boot, Windows Secure Kernel Mode, Windows Security Center, Windows SmartScreen, Windows App Installer, Windows Scripting, and more.
Microsoft has fixed several classes of flaws across multiple products, including Spoofing, Denial of Service (DoS), Elevation of Privilege (EoP), Cross-site Scripting (XSS), Information Disclosure, Security Feature Bypass, and Remote Code Execution (RCE)…
Zimbra addressed XSS and LFI vulnerabilities
The first vulnerability is tracked as CVE-2024-33533. It resides in the Zimbra webmail admin interface and stems from inadequate input validation of the ‘packages’ parameter.
The second vulnerability is tracked as CVE-2024-33535. It is an unauthenticated local file inclusion in a web application, specifically linked to the handling of the ‘packages’ parameter.
The third vulnerability is tracked as CVE-2024-33536. It also involves reflected XSS, arising from insufficient input validation of the ‘res’ parameter…
Self-claimed J.P. Morgan extradited to USA
A Belarusian-Ukrainian national, one of the world’s most prolific Russian-speaking cybercrime actors, has been arrested in an international operation and extradited to the U.S.
The suspect, Maksim Silnikau, was arrested in Spain last July. He was then extradited from Poland to the U.S. to face charges related to cybercrime. Silnikau made his initial appearance in a U.S. court.
The court documents say he led two multi-year cybercrime schemes and, along with co-conspirators in 2011, created the first-ever ransomware-as-a-service business model called Reveton, which allowed low-skilled criminals to launch ransomware attacks for a fee…
EDRKillShifter tool added to the ransomware actors’ cart
The RansomHub group has been found deploying a new tool designed to disable endpoint detection and response (EDR) systems, which shows an advancement in the TTPs used by the threat actors for carrying out ransomware attacks.
Sophos uncovered the tool, EDRKillShifter, during an attempted ransomware attack in May 2023. While the attack was unsuccessful, the postmortem analysis revealed the presence of this new utility aimed at terminating endpoint protection software.
Its emergence comes as, since 2022, malware designed to disable EDR systems has become increasingly sophisticated, while on the other end organizations seeking to protect their endpoints from cyber threats are increasingly adopting EDR technologies…
CISA Adds SolarWinds CVE-2024-28986 to KEV Catalog
The U.S. CISA warned of a critical security vulnerability affecting SolarWinds Web Help Desk.
This vulnerability, tracked as CVE-2024-28986 with a CVSS score of 9.8, has been added to CISA’s Known Exploited Vulnerabilities catalog due to evidence of active exploitation…
This brings us to the end of this week in review security coverage. Thanks for visiting TheCyberThrone.


