Aggregator

The shift to cloud means securing your organization's digital assets requires a proactive, multilayered approach.

A Threat Actor is Allegedly Selling Access to Pazomat - Of Paz Oil Company LTD

The group seeks out aerospace professionals by impersonating job recruiters — a demographic it has targeted in the past as well — then deploys the SlugResin backdoor malware.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.7.1. Affected is the function scom_debug_init_one. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2023-52690. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.13/6.7.1. This issue affects the function sof_sdw_rt_sdca_jack_exit of the component ASoC. The manipulation leads to infinite loop. The identification of this vulnerability is CVE-2023-52697. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.7.1. It has been classified as critical. This affects the function opal_powercap_init of the component powernv. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2023-52696. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.147/6.1.74/6.6.13/6.7.1. It has been declared as problematic. Affected by this vulnerability is the function subflow_finish_connect of the component mptcp. The manipulation leads to Privilege Escalation. This vulnerability is known as CVE-2024-35840. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.2. It has been declared as critical. Affected by this vulnerability is the function resize_inode of the component ext4. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-35807. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.8.8. This vulnerability affects the function its_vpe_irq_domain_alloc. The manipulation leads to double free. This vulnerability was named CVE-2024-35847. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.8.8 and classified as critical. This vulnerability affects the function bdev_may_open. The manipulation leads to memory leak. This vulnerability was named CVE-2024-35859. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.1 and classified as problematic. This issue affects the function pci_get_domain_bus_and_slot of the component iommu. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-35843. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.6.23/6.7.11/6.8.2. Affected is the function dma_alloc_coherent of the component swiotlb. The manipulation leads to allocation of resources. This vulnerability is traded as CVE-2024-35814. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.23/6.7.11/6.8.2. Affected is the function vmw_plane_state of the component vmwgfx. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2024-35810. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was suspected in Linux Kernel. This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

A Threat Actor is Allegedly Selling VPN Access to an Unidentified Canadian Company

Authors/Presenters: Gareth Heyes

Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Splitting The Email Atom Exploiting Parsers To Bypass Access Controls appeared first on Security Boulevard.

TEAM ARXU Targeted the Website of Israel Population & Immigration Authority

A Threat Actor Has Allegedly Leaked Access of Cleveroad

A vulnerability has been found in Apache James Server up to 3.7.4/3.8.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SMTP Handler. The manipulation leads to improper input validation. This vulnerability is known as CVE-2023-51747. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.