Category Archives: Advisories

Advisories

Akira Ransomware Attack

Read Time:45 Second

What is the Akira Ransomware Attack?

The Akira ransomware attack has actively and widely impacting businesses. According to CISA advisory, the ransomware group has impacted over 250 organizations and claimed approximately $42 million (USD) in ransomware proceeds. The ransomware group gains initial access via either less-secured VPN or Cisco vulnerabilities. Once the network is compromised, the threat actor is able to target a system and encrypt files with .akira extension.

What is the recommended Mitigation?

Review attack surfaces and ensure that all systems are kept up-to-date with the latest patches. Also, maintain general awareness and training about the risk of phishing and social engineering attacks in the organization.

What FortiGuard Coverage is available?

FortiGuard Labs has existing AV signatures (i.e. W64/Akira.C!tr.ransom) to block all the known malware variants used by Ransomware group and has blocked related IoCs via Web filtering service.

Read More

Advisories

USN-6743-1: Linux kernel vulnerabilities

Read Time:15 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– JFS file system;
– BPF subsystem;
– Netfilter;
(CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,
CVE-2023-52603)

Read More

Advisories

USN-6742-1: Linux kernel vulnerabilities

Read Time:27 Second

Daniele Antonioli discovered that the Secure Simple Pairing and Secure
Connections pairing in the Bluetooth protocol could allow an
unauthenticated user to complete authentication without pairing
credentials. A physically proximate attacker placed between two Bluetooth
devices could use this to subsequently impersonate one of the paired
devices. (CVE-2023-24023)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– JFS file system;
– Netfilter;
(CVE-2024-26581, CVE-2023-52600, CVE-2023-52603)

Read More

Advisories

BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH)

Read Time:21 Second

Posted by malvuln on Apr 19

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Dumador.c
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware runs an FTP server on TCP port 10000. Third-party
adversaries who can reach the server can send a specially crafted payload
triggering…

Read More

Advisories

SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app

Read Time:16 Second

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 19

SEC Consult Vulnerability Lab Security Advisory < 20240418-0 >
=======================================================================
title: Broken authorization
product: Dreamehome app
vulnerable version: <=2.1.5 (iOS)
fixed version: none, see solution
CVE number: –
impact: medium
homepage: https://www.dreametech.com
found: 2024-01-17…

Read More