Infosec bits for 2024 week 33

Kgwadi Matenche | Aug. 16, 2024, 5:22 p.m.

Cybersecurity News:

  • Ransomware attack on Indian payment system traced back to Jenkins bug [Jonathan Greig, Recorded Future News]
  • Google Patches Critical Vulnerabilities in Quick Share After Researchers’ Warning [Deeba Ahmed, Hackread]
  • RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks [Ravie Lakshmanan, The Hacker News]
  • 0-Click Outlook Vulnerability Triggered RCE When Email is Opened – Technical Analysis [Balaji N, Cyber Security News]

Vulnerabilities & Patches:

  • SolarWinds fixes critical RCE bug affecting all Web Help Desk versions [Bill Toulas, Bleeping Computer]
  • Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw [Ryan Naraine, SecurityWeek]
  • Critical SAP flaw allows remote attackers to bypass authentication [Bill Toulas, Bleeping Computer]
  • Fortinet, Zoom Patch Multiple Vulnerabilities [Eduard Kovacs, SecurityWeek]
  • A FreeBSD flaw could allow remote code execution, patch it now! [Pierluigi Paganini, Security Affairs]

Breaches & Leaks:

  • Hackers Leak 1.4 Billion Tencent User Accounts Online [Waqas, Hackread]
  • Local gov’ts in Texas, Florida hit with ransomware as cyber leaders question best path forward [Jonathan Greig, Recorded Future News]
  • AutoCanada discloses cyberattack impacting internal IT systems [Bill Toulas, Bleeping Computer]

Others:

  • GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover [Ravie Lakshmanan, The Hacker News]
  • GitHub rolls back database change after breaking itself [Chris Williams, The Register]