TheCyberThrone CyberSecurity Newsletter Top 5 Articles – August, 2024

Velvet Ant APT exploits Cisco bug CVE-2024-20399

Security researchers discovered that the China-linked APT group Velvet Ant exploited the recently disclosed zero-day CVE-2024-20399 in Cisco switches to take over the network devices. Last month, Cisco addressed the NX-OS zero-day, which Velvet Ant exploited to deploy previously unknown malware as root on vulnerable switches; the in-the-wild exploitation was reported to Cisco PSIRT.

The flaw resides in the CLI of Cisco NX-OS Software. An authenticated local attacker can exploit it to execute arbitrary commands as root on the underlying operating system of an affected device. Attackers with Administrator credentials can successfully exploit this vulnerability on a Cisco NX-OS device……

NIST released Post Quantum Cryptography Standards

NIST released its FIPS for post-quantum cryptography, a new set of standards that address the emerging security challenges posed by quantum computing. With AI-driven attacks continuing to emerge, the three new standards have been designed to ensure that digital communications remain secure against future threats while strengthening current cryptographic practices.

NIST started the process of establishing post-quantum encryption, also called post-quantum cryptography or PQC, standards in 2016, calling on cryptographers to devise encryption methods that could resist an attack from a future quantum computer…..

Microsoft Patch Tuesday-August 2024

Microsoft patched 90 CVEs in its August 2024 Patch Tuesday release, with seven rated critical, 82 rated as important, and one rated as moderate. This includes updates for vulnerabilities in Microsoft Office and Components, Microsoft Windows DNS, Windows TCP/IP, Microsoft Teams, Windows Secure Boot, Windows Secure Kernel Mode, Windows Security Center, Windows SmartScreen, Windows App Installer, Windows Scripting, and more.

Microsoft has fixed flaws across multiple products, including Spoofing, Denial of Service (DoS), Elevation of Privilege (EoP), Cross-site Scripting (XSS), Information Disclosure, Security Feature Bypass, and Remote Code Execution (RCE)……

RansomEXX hits Indian banks exploiting CVE-2024-23897

A ransomware attack has recently compromised India’s banking sector, affecting banks and payment providers. The attack has primarily targeted Brontoo Technology Solutions, a major partner of C-Edge Technologies Ltd, a collaboration between Tata Consultancy Services and State Bank of India.

Nearly 300 small Indian banks, which were forced to go offline due to a ransomware attack, were back online on Thursday, according to the National Payments Corporation of India (NPCI). The NPCI had temporarily isolated these banks from accessing the country’s retail payments system to prevent the spread of the attack.

The initial breach occurred through a misconfigured Jenkins server at Brontoo Technology Solutions. Exploiting a known vulnerability (CVE-2024-23897), attackers read private keys and, because port 22 was open, gained secure shell access……

Zimbra addressed XSS and LFI vulnerabilities

Zimbra Collaboration disclosed three new security vulnerabilities. These flaws impact Zimbra Collaboration versions 9.0 and 10.0, potentially exposing users to cross-site scripting (XSS) and local file inclusion (LFI) attacks.

The first vulnerability is tracked as CVE-2024-33533. It resides in the Zimbra webmail admin interface and stems from inadequate input validation of the ‘packages’ parameter. The second vulnerability is tracked as CVE-2024-33535. It is an unauthenticated local file inclusion within a web application, specifically linked to the handling of the ‘packages’ parameter. The third vulnerability is tracked as CVE-2024-33536. It also involves reflected XSS, arising from insufficient input validation of the ‘res’ parameter.


