TheCyberThrone Security Biweekly Review – December 28, 2024
Posted inSecurity NewsLetter

TheCyberThrone Security Biweekly Review – December 28, 2024

No Comments

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the biweekly ending Saturday, December 28, 2024.

Indian users are targeted by Banking Trojan

McAfee Labs has recently uncovered a sophisticated Android banking trojan named Android/Banker, specifically targeting Indian users. This malicious software exploits the widespread use of utility and banking apps in India to steal sensitive financial information.

Overview of the Attack

The Android/Banker trojan disguises itself as legitimate utility services (such as gas or electricity) or banking applications. By mimicking these essential services, the malware tricks users into downloading and installing it on their devices……

CISA releases VDP platform Annual report for 2023

The U.S. CISA has released its 2023 Annual Report for the Vulnerability Disclosure Policy (VDP) Platform. Over the past year, the agency concentrated on promoting greater adoption of the VDP Platform among agencies, assisting federal civilian executive branch (FCEB) agencies in identifying system vulnerabilities, and collaborating with the public security researcher community.

As part of CISA’s persistent and ongoing collaboration with the public security researcher community, CISA issued Binding Operational Directive (BOD) 20-01 in 2020, which requires every FCEB agency to establish a VDP…..

Advertisements

Detailing Critical Microsoft CVE-2024-49112 Vulnerability

Microsoft has recently disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, identified as CVE-2024-49112 Released as part of the December Patch Tuesday updates, this vulnerability presents a severe risk to enterprise networks by allowing unauthenticated attackers to execute arbitrary code within the context of the LDAP service.

Overview of CVE-2024-49112

  • Description: CVE-2024-49112 is an RCE vulnerability affecting the LDAP service in various Windows operating systems, including Windows 10, Windows 11, and Windows Server editions. The flaw arises from improper handling of LDAP requests, which can be exploited to execute arbitrary code on the affected systems.
  • Affected Versions: The vulnerability affects Windows 10, Windows 11, and various Windows Server editions.
  • CVSS Score: 9.8…..

SUBSCRIBE TO OUR BLOG TODAY !

We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day

Apache Tomcat fixes CVE-2024-50379 and CVE-2024-54677

The Apache Software Foundation has released patches to mitigate two newly discovered vulnerabilities in Apache Tomcat, an extensively used open-source web server and servlet container. These vulnerabilities could potentially jeopardize systems and compromise sensitive data, highlighting the importance of timely updates and security measures.

CVE-2024-50379 is an Remote Code Execution (RCE) and CVE-2024-54677 is a Denial-of-Service (DoS) vulnerability….

Advertisements

Exploit code released for Microsoft CVE-2024-30085

CVE-2024-30085 is a high-severity vulnerability identified in the Windows Cloud Files Mini Filter Driver (cldflt.sys). This vulnerability arises from a heap-based buffer overflow issue, which can be exploited by local attackers to escalate privileges and gain SYSTEM-level access. This poses a significant security risk as it allows attackers to execute arbitrary code with elevated permissions.

Key Details:

  • CVSS Score: 7.8 (High)
  • Affected Systems: Windows 11 23H2 installations
  • Mitigation: Microsoft has released a patch in the June 2024 Patch Tuesday updates….

CVE-2024-3393 DoS Vulnerability in Palo Alto PAN-OS

CVE-2024-3393 is a high-severity Denial of Service (DoS) vulnerability discovered in the DNS Security feature of Palo Alto Networks’ PAN-OS software. This vulnerability can be exploited by an unauthenticated attacker, meaning the attacker does not need any credentials or special permissions to execute the attack.

Key Details:

  • CVSS Score: 8.7 (High)
  • Affected Versions:
  • PAN-OS 11.2 (versions earlier than 11.2.3)
  • PAN-OS 11.1 (versions earlier than 11.1.5)
  • PAN-OS 10.2 (versions earlier than 10.2.10-h12 or 10.2.13-h2)
  • PAN-OS 10.1 (versions earlier than 10.1.14-h8)…..

This brings the end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us, please follow us on FacebookTwitterInstagram

Tags:

Comments

No comments yet. Why don’t you start the discussion?

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.