Weekly VulnRecap

The new year brought few new vulnerabilities, and only Ivanti Endpoint Manager and Kyber, the quantum resistant encryption algorithm, publicized new vulnerabilities or fixes.
Most news derived from the active attacks on multiple older vulnerabilities, which threaten to expose organizations slow to patch.
Speed remains critical to security, but more importantly, patching teams need to make progress with patch and vulnerability management.
Here's a roundup of the week's major vulnerabilities that security teams should mitigate or patch.
Type of attack: Secure Shell vulnerability enables prefix truncation attacks.
The countries with the top vulnerabilities include the USA, China, and Germany.
Researchers also provide a vulnerability scanner on GitHub written in Go that can detect vulnerable servers.
Type of attack: Arbitrary and remote code execution attacks that exploit data import/export operations in Excel-related functions in web applications and denial of service crashes or ACE/RCE related to heap buffer overflows in Chrome.
The problem: The US Cybersecurity and Infrastructure Security Agency added two vulnerabilities to the Known Exploited Vulnerabilities catalog.
Versions 0.65 and older of the Perl Spreadsheet::ParseExcel library contain a RCE vulnerability exploited by Chinese hackers, as noted on December 24th. Chrome web browsers experience heap buffer overflow in the WebRTC real-time communication coding that can crash chrome or allow for code execution.
Type of attack: SQL injection vulnerability permits an RCE attack allows the hijack of enrolled devices or even the core server.
Type of attack: Critical RCE vulnerability in unpatched or partially patched RocketMQ services.
The problem: The ShadowServer Foundation logs show hundreds of hosts scanning for exposed RocketMQ systems still vulnerable to the original critical RCE vulnerability, CVE-2023-33246, patched earlier in 2023.
The patch didn't fully solve the vulnerability, leading to a second announced vulnerability, CVE-2023-37582, rated 9.8/10.0 for severity.
Apache released patches for both of these vulnerabilities in July 2023, yet over six months later, attackers still search for potential victims.
Type of attack: Timing-based attack on Kyber Encryption implementations can expose encryption keys.
The Kyber key decapsulation process uses division operations, and timing-based attacks - dubbed KyberSlash - can allow the encryption key to be determined in as many as two out of three attacks.
Researchers reported the first vulnerability, KyberSlash1, to Kyber's developers in November 2023 and discovered KyberSlash2 in December.
The Kyber development team patched both vulnerabilities promptly, but not all projects and tools incorporating patches patched as quickly.
The vulnerability does not impact some libraries and tools, and some libraries fully patched for all known vulnerabilities.


This Cyber News was published on www.esecurityplanet.com. Publication date: Mon, 08 Jan 2024 22:13:04 +0000


Cyber News related to Weekly VulnRecap

Weekly Blog Wrap-Up - Welcome to the TuxCare Weekly Blog Wrap-Up - your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the way your organization protects its data and customers. At TuxCare, we understand the ...
10 months ago Securityboulevard.com
The year of Mega Ransomware attacks with unprecedented impact on global organizations - A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each ...
10 months ago Blog.checkpoint.com
Weekly Blog Wrap-Up - Welcome to the TuxCare Weekly Blog Wrap-Up - your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the way your organization protects its data and customers. At TuxCare, we understand the ...
9 months ago Securityboulevard.com
Weekly VulnRecap - The new year brought few new vulnerabilities, and only Ivanti Endpoint Manager and Kyber, the quantum resistant encryption algorithm, publicized new vulnerabilities or fixes. Most news derived from the active attacks on multiple older ...
10 months ago Esecurityplanet.com
Weekly VulnRecap - The past week and the long weekend have had plenty of vulnerabilities to keep your IT and security teams busy. Keep an eye out for security announcements from your firewall vendors; it's possible additional similar vulnerabilities will come to light. ...
10 months ago Esecurityplanet.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - Last week, there were 95 vulnerabilities disclosed in 65 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 33 Vulnerability Researchers that contributed to WordPress ...
9 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - Wordfence just launched its bug bounty program. Last week, there were 109 vulnerabilities disclosed in 98 WordPress Plugins and 10 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 33 ...
11 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - For the first 6 months, all awarded bounties receive a 10% bonus. Last week, there were 16 vulnerabilities disclosed in 16 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there ...
11 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - For the first 6 months, all awarded bounties receive a 10% bonus. Over the last two weeks, there were 263 vulnerabilities disclosed in 217 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability ...
10 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - For the first 6 months, all awarded bounties receive a 10% bonus. Last week, there were 85 vulnerabilities disclosed in 74 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there ...
10 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - For the first 6 months, all awarded bounties receive a 10% bonus. Last week, there were 85 vulnerabilities disclosed in 74 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there ...
10 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - For the first 6 months, all awarded bounties receive a 10% bonus. Last week, there were 67 vulnerabilities disclosed in 60 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there ...
10 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - Last week, there were 52 vulnerabilities disclosed in 42 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 26 Vulnerability Researchers that contributed to WordPress ...
9 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - Last week, there were 122 vulnerabilities disclosed in 110 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 52 Vulnerability Researchers that contributed to WordPress ...
9 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report - Last week, there were 134 vulnerabilities disclosed in 110 WordPress Plugins and 1 WordPress Theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 46 Vulnerability Researchers that contributed to WordPress ...
5 months ago Wordfence.com
CVE-2024-31084 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19. ...
7 months ago Tenable.com
Cyber Security News Weekly Round-Up - The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive. According to recent findings from Morphisec ...
7 months ago Cybersecuritynews.com
Cyber Security News Weekly Round-Up (Vulnerabilities & Threats - The weekly cybersecurity news summary highlights the recent threats, vulnerabilities, innovations, and emerging attack vectors. This enables the timely implementation of appropriate security measures and ensures robust system protection against ...
4 months ago Cybersecuritynews.com
Dev rejects CVE severity, makes his GitHub repo read-only - Fedor Indutny, due to a CVE report filed against his project, started getting hounded by people on the internet bringing the vulnerability to his attention. In recent times, open-source developers have been met with an uptick in receiving debatable ...
4 months ago Bleepingcomputer.com
The First 10 Days of a vCISO’S Journey with a New Client - Cyber Defense Magazine - During this period, the vCISO conducts a comprehensive assessment to identify vulnerabilities, engages with key stakeholders to align security efforts with business objectives, and develops a strategic roadmap to prioritize actions and resources. If ...
1 month ago Cyberdefensemagazine.com
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains - The two main advantages of detecting stockpiled domains are expanding coverage of malicious domains and providing patient-zero detections as attackers stock up on domains for future use. As of July 2023, our detection pipeline has found 1,114,499 ...
11 months ago Unit42.paloaltonetworks.com
Dev rejects CVE severity, makes his GitHub repo read-only - Fedor Indutny, due to a CVE report filed against his project, started getting hounded by people on the internet bringing the vulnerability to his attention. In recent times, open-source developers have been met with an uptick in receiving debatable ...
4 months ago Bleepingcomputer.com
Dev rejects CVE severity, makes his GitHub repo read-only - Fedor Indutny, due to a CVE report filed against his project, started getting hounded by people on the internet bringing the vulnerability to his attention. In recent times, open-source developers have been met with an uptick in receiving debatable ...
4 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)