TheCyberThrone Security Weekly Review – November 23, 2024

HellDown Ransomware exploiting Zyxel Vulnerability

Helldown ransomware is a relatively new and evolving threat in the cybersecurity landscape. Initially targeting Windows systems, it has now expanded to attack VMware and Linux environments. This ransomware group employs a double-extortion model, meaning they exfiltrate sensitive data before encrypting systems and then threaten to leak the stolen information if ransoms are not paid.

The Helldown operation has claimed 31 victims over the past three months, largely by using a Windows version of its crypto-locking malware, together with a data-leak site where it attempts to name and shame victims…..

Apache Kafka affected by CVE-2024-31141

The open-source event streaming platform Apache Kafka has been affected by a vulnerability that could allow attackers to gain unauthorized access to sensitive information.

The vulnerability, tracked as CVE-2024-31141 with no CVSS score assigned, stems from how Apache Kafka Clients handle configuration data. The advisory explains that “Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables……

NVIDIA affected by a Critical vulnerability CVE-2024-0138

NVIDIA has released a patch addressing a critical vulnerability in its Base Command Manager software that could pose significant risks, including the potential for remote code execution, denial of service, privilege escalation, information disclosure, and data tampering.

This flaw, tracked as CVE-2024-0138 with a CVSS score of 9.8, arises from a missing authentication mechanism (CWE-862) in the CMDaemon component…..

Zoho Patched CVE-2024-49574 ManageEngine Bug

Zoho has released a security update addressing a critical SQL injection vulnerability in its ADAudit Plus software that allowed an attacker with authenticated access to the system to execute arbitrary SQL queries.

The flaw, identified as CVE-2024-49574 with a CVSS score of 8.3, affects all builds of ADAudit Plus before version 8123. It is found in the software’s report generation feature, where an authenticated attacker could potentially access or manipulate database table entries and extract sensitive information from the database…..

Broadcom repatched VMware bugs for the second time

VMware vulnerabilities have been exploited in attacks after the initially released patches failed to fix the flaws. The vulnerabilities are tracked as CVE-2024-38812 and CVE-2024-38813. Fixes were released on September 17th, but the vendor then issued an October update to the original patches after admitting its initial effort did not completely address either vulnerability.

Now, Broadcom has issued the second patch for both vCenter bugs, and the vendor assured customers it was not currently aware of exploitation in the wild…..

This brings us to the end of this week's security review coverage. Thanks for visiting TheCyberThrone. If you like us, please follow us on Facebook, Twitter, and Instagram.
