watchTowr: QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends)
Always a pleasure to read vulnerability analyses from watchTowr as they take us through QNAP's Network Attached Storage (NAS) products QTS (operating system), QuTSCloud (VM-optimized version) and QTS hero (high performance features version). NAS are very attractive targets for ransomware actors, and watchTowr walks us through finding vulnerabilities and providing a working exploit (proofs of concept available). A lot of humor injected throughout.
watchTowr is extremely transparent in listing all of the vulnerabilities found (and what's under embargo), with a timeline, communications and coordination with QNAP (JetBrains take note!), and their vulnerability disclosure policy.

cc: @wdormann you might find this interesting if you haven't read it already

#QNAP #CVE #QNAP #vulnerability

Resumen de las últimas 24 horas en seguridad informática: La seguridad informática enfrenta desafíos diarios: vulnerabilidades en QNAP, Rescuezilla facilitando respaldos, HTB Sherlock para detectar actividades maliciosas, phishing en Meta que evita MFA, backdoor de SSH infectando servidores Linux, Noruega recomienda reemplazar SSL VPN y CISA agrega zero-days de Google Chrome a su catálogo. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática.

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 17/05/24 📆 |====

🔒 QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends)

La seguridad informática se enfoca en proteger los datos, y obtener acceso a ellos o interrumpir ese acceso es una prioridad para grupos de ransomware y APT. ¡Descubre más sobre esta vulnerabilidad en QNAP! 👉 https://djar.co/Cxuol

🔒 Rescuezilla Facilita el Respaldo y la Restauración de Sistemas

Rescuezilla 2.5 presenta una CLI experimental y correcciones que simplifican el proceso de respaldo y restauración de sistemas. Conoce las novedades de esta herramienta aquí. 👉 https://djar.co/oDWcy

🔒 HTB Sherlock: Logjammer

Logjammer es un análisis detallado de registros de eventos de Windows, útil para detectar actividades maliciosas en sistemas. Descubre cómo esta herramienta puede mejorar la seguridad de tu entorno. 👉 https://djar.co/XgvZ

🔒 Campaña de Phishing Bypasses MFA para Atacar Cuentas Comerciales de Meta

Un sofisticado ataque de phishing logra evadir la autenticación de múltiples factores, comprometiendo cuentas comerciales en Meta y poniendo en riesgo a millones de usuarios. Protégete con más información sobre este incidente. 👉 https://djar.co/xhbSU

🔒 SSH Backdoor Infecta 400,000 Servidores Linux y Continúa Propagándose

Un backdoor de SSH ha afectado a una gran cantidad de servidores Linux durante años, propagándose sin control y ampliando el alcance del malware. ¡Conoce más detalles sobre esta amenaza! 👉 https://djar.co/55LV

🔒 Noruega Recomienda Reemplazar SSL VPN para Prevenir Brechas

El Centro Nacional Noruego de Ciberseguridad sugiere reemplazar soluciones SSL VPN/WebVPN para evitar vulnerabilidades y brechas en redes corporativas. Mantente protegido siguiendo estas recomendaciones. 👉 https://djar.co/P3HX

🔒 CISA Agrega Zero-Days de Google Chrome a su Catálogo de Vulnerabilidades Explotadas

CISA incluye dos vulnerabilidades zero-day de Google Chrome en su listado de vulnerabilidades conocidas y explotadas, destacando la importancia de mantenerse actualizado frente a estas amenazas. Infórmate más al respecto aquí. 👉 https://djar.co/GhjyE

'CVE-2024-34359 is a critical vulnerability stemming from the misuse of the Jinja2 template engine within the "llama_cpp_python" package ... The core issue arises from processing template data without proper security measures such as sandboxing, which Jinja2 supports but was not implemented in this instance. This oversight allows attackers to inject malicious templates that execute arbitrary code on the host system.

'With over 6,000 models on the HuggingFace platform ... potentially susceptible to similar vulnerabilities ... the breadth of the risk is substantial'.

Another day in OSS and software supply chains.
https://checkmarx.com/blog/llama-drama-critical-vulnerability-cve-2024-34359-threatening-your-software-supply-chain/

Next.jsのSSRF CVE-2024-34351見てる

10/10 critical #Vuln in #Intel Neural Compressor software

Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22476

#cve202422476 #cve #AI

Intel security advisory: Intel® Neural Compressor Software Advisory
Intel scores a perfect 10.0 CVSSv3 score (critical severity) 🥳 with CVE-2024-22476 : Improper input validation in some Intel Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.
Also included is CVE-2024-21792 (4.7 medium) Time-of-check Time-of-use race condition in Intel Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access.

No mention of exploitation. cc: @cR0w h/t: @Newk

#Intel #vulnerability #CVE #CVE_2024_22476 #CVE_2024_21792

La nuova vulnerabilità Wi-Fi IEEE 802.11 mette a rischio miliardi di dispositivi
https://poliverso.org/display/0477a01e-3eae2675-6d1058eb2f8b8600
La nuova vulnerabilità Wi-Fi IEEE 802.11 mette a rischio miliardi di dispositivi L’università belga KU Leuven ha identificato https://www.top10vpn.com/assets/2024/05/Top10VPN-x-Vanhoef-SSID-Confusion.pdf una vulnerabilità https://www.redhotcyber.com/post/vulnerabilita-cve-2024-21893-ivanti-colpito-da-hacker-cinesi-unc5325-e-unc3886/ nello standard

🚨POC RELEASED🚨WordPress Auto Admin Account Creation & Reverse Shell CVE-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server.

https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956

#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec #Exploit #CVE202427956

https://x.com/DarkWebInformer/status/1791474570509070439

Apple has released software updates to address a zero-day vulnerability in Safari.

The vulnerability is tracked as CVE-2024-27834, and when exploited, can allow an attacker to bypass security protections.

Users are advised to patch ASAP.

#cybersecurity #Apple #Safari #zeroday

https://www.bleepingcomputer.com/news/apple/apple-fixes-safari-webkit-zero-day-flaw-exploited-at-pwn2own/

WireGuard CVE-2021-46873 is wild, i think this is the time for me to switch to post quantum secure protocols such as rosenpass

A potential RCE (CVE-2024-3400) through Shodan/FOFA/BinaryEdge.

https://packetstormsecurity.com/files/cve/CVE-2024-3400

The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on WEP, WPA3, 802.11X/EAP, and AMPE protocols. https://thehackernews.com/2024/05/new-wi-fi-vulnerability-enabling.html

@ariadne What about CVE-2021-30139? That's essentially an out-of-bounds read and hence a spatial memory safety violation.

Intel security advisory: Intel® Neural Compressor Software Advisory
Intel scores a perfect 10.0 CVSSv3 score (critical severity) 🥳 with CVE-2024-22476 : Improper input validation in some Intel Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.
Also included is CVE-2024-21792 (4.7 medium) Time-of-check Time-of-use race condition in Intel Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access.

No mention of exploitation. cc: @cR0w h/t: @Newk

#Intel #vulnerability #CVE #CVE_2024_22476 #CVE_2024_21792

@browserversiontracker @ruario
For context, Microsoft Edge was updated against the 4 Chromium vulnerabilities patched Wednesday night:

• Chromium: CVE-2024-4947 Type Confusion in V8
  • Google is aware that an exploit for CVE-2024-4947 exists in the wild.
• Chromium: CVE-2024-4948 Use after free in Dawn
• Chromium: CVE-2024-4949 Use after free in V8
• Chromium: CVE-2024-4950 Inappropriate implementation in Downloads

Release notes for Microsoft Edge Security Updates:

Microsoft has a fix for CVE-2024-4947 to Microsoft Edge Stable Channel (Version 124.0.2478.109) and Extended Stable channel (Version 124.0.2478.109), which has been reported by the Chromium team as having an exploit in the wild.

@browserversiontracker @ruario
For context, Microsoft Edge was updated against the 4 Chromium vulnerabilities patched Wednesday night:

• Chromium: CVE-2024-4947 Type Confusion in V8
  • Google is aware that an exploit for CVE-2024-4947 exists in the wild.
• Chromium: CVE-2024-4948 Use after free in Dawn
• Chromium: CVE-2024-4949 Use after free in V8
• Chromium: CVE-2024-4950 Inappropriate implementation in Downloads

Release notes for Microsoft Edge Security Updates:

Microsoft has a fix for CVE-2024-4947 to Microsoft Edge Stable Channel (Version 124.0.2478.109) and Extended Stable channel (Version 124.0.2478.109), which has been reported by the Chromium team as having an exploit in the wild.

@browserversiontracker @ruario
For context, Microsoft Edge was updated against the 4 Chromium vulnerabilities patched Wednesday night:

• Chromium: CVE-2024-4947 Type Confusion in V8
  • Google is aware that an exploit for CVE-2024-4947 exists in the wild.
• Chromium: CVE-2024-4948 Use after free in Dawn
• Chromium: CVE-2024-4949 Use after free in V8
• Chromium: CVE-2024-4950 Inappropriate implementation in Downloads

Release notes for Microsoft Edge Security Updates:

Microsoft has a fix for CVE-2024-4947 to Microsoft Edge Stable Channel (Version 124.0.2478.109) and Extended Stable channel (Version 124.0.2478.109), which has been reported by the Chromium team as having an exploit in the wild.

@browserversiontracker @ruario
For context, Microsoft Edge was updated against the 4 Chromium vulnerabilities patched Wednesday night:

• Chromium: CVE-2024-4947 Type Confusion in V8
  • Google is aware that an exploit for CVE-2024-4947 exists in the wild.
• Chromium: CVE-2024-4948 Use after free in Dawn
• Chromium: CVE-2024-4949 Use after free in V8
• Chromium: CVE-2024-4950 Inappropriate implementation in Downloads

Release notes for Microsoft Edge Security Updates:

Microsoft has a fix for CVE-2024-4947 to Microsoft Edge Stable Channel (Version 124.0.2478.109) and Extended Stable channel (Version 124.0.2478.109), which has been reported by the Chromium team as having an exploit in the wild.