What is the attack?
A threat actor known as “8220 Gang” has been seen exploiting two vulnerabilities in Oracle WebLogic Server: CVE-2017-3506, which allows remote OS command execution, and CVE-2023-21839, an insecure deserialization vulnerability. CISA recently added the Oracle WebLogic flaw tracked as CVE-2017-3506 to its Known Exploited Vulnerabilities catalog on 3 June 2023.
What is the recommended Mitigation?
Apply the most recent patch released by Oracle. In the advisory, Oracle mentioned that they continue to receive reports of exploitation attempts.
What FortiGuard Coverage is available?
FortiGuard customers remain protected by the IPS signatures available for both vulnerabilities. A FortiGuard Outbreak Alert is available to review for full coverage, and the FortiGuard Incident Response team can be engaged to help with any suspected compromise.
Daily Archives: June 5, 2024
USN-6808-1: Atril vulnerability
It was discovered that Atril was vulnerable to a path traversal attack.
An attacker could possibly use this vulnerability to create arbitrary
files on the host filesystem with user privileges.
USN-6809-1: BlueZ vulnerabilities
It was discovered that BlueZ could be made to dereference invalid memory.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3563)
It was discovered that BlueZ could be made to write out of bounds. If a
user were tricked into connecting to a malicious device, an attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2023-27349)
USN-6807-1: FRR vulnerabilities
It was discovered that FRR incorrectly handled certain network traffic.
A remote attacker could possibly use this issue to cause FRR to crash,
resulting in a denial of service. (CVE-2022-26126, CVE-2022-26127,
CVE-2022-26128, CVE-2022-26129, CVE-2022-37032, CVE-2022-37035,
CVE-2023-31490, CVE-2023-38406, CVE-2023-38407, CVE-2023-46752,
CVE-2023-46753, CVE-2023-47234, CVE-2023-47235, CVE-2024-31948)
Ben Cartwright-Cox discovered that FRR incorrectly handled certain
network traffic. A remote attacker could possibly use this issue to cause
FRR to crash, resulting in a denial of service. (CVE-2023-38802)
libvirt-9.7.0-4.fc39
FEDORA-2024-c2e7b82022
Packages in this update:
libvirt-9.7.0-4.fc39
Update description:
Fix crash in event loop (CVE-2024-4418)
Fix I/O stall when multiple threads issue RPC calls
Fix leak of GSource object
Fix leak of udev object reference
#Infosec 2024: Small Firms Need to Work Smarter to Stretch Security Budgets
Lack of budgets and resources need not be a barrier to improving security for SMEs, according to industry experts
Chinese State-Sponsored Operation “Crimson Palace” Revealed
Sophos said the campaign aimed to maintain prolonged network access for espionage purposes
FBI Warns of Rise in Work-From-Home Scams
One key tactic these scammers employ is a convoluted payment structure to access additional earnings or unlock access to work
#Infosec2024 Spyware: A Threat to Civil Society and a Threat to Business
Commercial spyware poses a threat to enterprises, and CISOs need to consider its impact and how to mitigate it
cyrus-imapd-3.8.3-1.fc39
FEDORA-2024-123f2b3666
Packages in this update:
cyrus-imapd-3.8.3-1.fc39
Update description:
Security fix for CVE-2024-34055