Tag Archive for: Reveals

Indian Govt Reveals ‘High-Risk’ Vulnerabilities Affecting Android Users: Check Details

/in


If you are using an Android device, it’s crucial to be aware that the Indian government’s Computer Emergency Response Team has issued a warning regarding ‘high’ security risk vulnerabilities in Android. The team emphasises that these exploits have the potential to allow attackers to gain sensitive information and execute arbitrary code on your phone.

Which Android Versions Are Affected?

These vulnerabilities are found in Android versions 11, 12, 13, and 14. This implies that even if you have the latest Android version, you are not exempt from these risks.

CERT-In highlights that multiple vulnerabilities exist within the framework, system, arm components, and MediaTek components, Unisoc components, Qualcomm components, and Qualcomm close-sourced components.

How To Protect Yourself?

To safeguard your device, you will need to have Android “Security patch levels of 2024-02-05 or later to address all of these issues.” So, when the OEM of your device releases the said update, simply download the latest available update.

Considering the ‘high’ severity rating, it’s advisable to focus on additional security-enhancing features. Enable two-factor authentication, use a robust passcode, and maintain good digital hygiene practices.

These Are The Vulnerabilities Affecting the Aforementioned Android versions

CVE-2023-32841, CVE-2023-32842, CVE-2023-32843, CVE-2023-33046, CVE-2023-33049, CVE-2023-33057, CVE-2023-33058, CVE-2023-33060, CVE-2023-33072, CVE-2023-33076, CVE-2023-40093, CVE-2023-40122, CVE-2023-43513, CVE-2023-43516, CVE-2023-43518, CVE-2023-43519, CVE-2023-43520, CVE-2023-43522, CVE-2023-43523,CVE-2023-43533, CVE-2023-43534, CVE-2023-43536, CVE-2023-49667, CVE-2023-49668, CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-0014, CVE-2024-0029, CVE-2024-0030, CVE-2024-0031, CVE-2024-0032, CVE-2024-0033, CVE-2024-0034, CVE-2024-0035, CVE-2024-0036, CVE-2024-0037, CVE-2024-0038, CVE-2024-0040, CVE-2024-0041, CVE-2024-20003, CVE-2024-20006, CVE-2024-20007, CVE-2024-20009, CVE-2024-20010, CVE-2024-20011.

top videos

  • Samsung Will Bring Its AI Features To These Old Galaxy

  • Will AI Take Jobs? Microsoft CEO Satya Nadella Explains

  • Meta To Start Labelling AI-Generated Images on Its…

    • Source…

    Delinea Research Reveals that Ransomware Is Back on the Rise As Cybercriminals’ Motivation Shifts to Data Exfiltration

    /in


    PRESS RELEASE

    SAN FRANCISCO, Jan. 30, 2024 /PRNewswire/ — Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today published its annual “State of Ransomware” report which shows that ransomware attacks are increasing again and reveals a change in strategy among cybercriminals. The familiar tactics of crippling a company and holding it hostage have been replaced by new strategies that use stealth to exfiltrate private and sensitive data. Cybercriminals then frequently threaten to sell it to the highest bidder on the darknet or leverage it to reap a handsome cyber insurance payment.

    Titled, “State of Ransomware 2024: Anticipating the Battle and Strengthening Your Defenses,” the report analyzed data from a Censuswide survey of over 300 US IT and Security decision-makers to identify significant changes compared to data from the previous year’s report and uncover new possible trends. First and foremost, ransomware is back on the rise. Although not back at the levels of 2021, the number of organizations claiming to have been a victim of ransomware in the past 12 months more than doubled since last year, from 25% to 53%. Mid-sized companies appeared to be in cybercriminals’ crosshairs the most, with 65% stating they’ve been a ransomware victim over the past 12 months. Organizations are also paying ransoms more frequently, up to 76% from 68% the prior year.

    More striking, however, are the emerging trends in motivations, strategies, and tactics that the survey revealed. Data exfiltration registered a surge of 39% (reported by 64% of respondents, up from 46%) and became a preferred goal for the attackers, who are now gaining control of a company’s network to download sensitive data to sell on the darknet. This trend is also evidenced by the significant downturn of traditional money grabs as the main motivation (34%, down from 69% the year before).

    “Ransomware certainly appears to have reached a critical sea change – it’s no longer just about the quick and easy payout,” said Rick Hanson, President at Delinea. “Even as organizations are investing more in safety nets like cyber insurance which often have ransomware payouts included in…

    Source…

    Hewlett Packard Enterprise reveals hack by Russian state actor

    /in


    Tech firm Hewlett Packard Enterprise says its cloud-based email systems were breached by the same Russian hacking group that compromised some Microsoft email accounts earlier this month.

    Hewlett Packard Enterprise, also known as HPE, revealed the breach in a securities filing last week. The incident took place on December 12, 2023, and affected “a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” the company said.

    “The Company, with assistance from external cybersecurity experts, immediately activated our response process to investigate, contain, and remediate the incident, eradicating the activity,” HPE said in the filing.

    HPE said it suspects a group sometimes referred to as “Midnight Blizzard” was responsible for last month’s attack.

    The hacking group, which US officials and private experts say has links to Russia’s foreign intelligence service, has gained a reputation as one of the stealthiest and most advanced cyber espionage groups in the world. Private analysts have referred to the group as “Midnight Blizzard” or as part of a group known as “APT29,” among other names.

    The hackers used bugged software made by US tech firm SolarWinds to break into multiple US government agencies in 2020 to read emails between senior agency officials, US officials have alleged. (The Kremlin denied responsibility.) The spying campaign lasted well over a year and forced a major shakeup in how the US government defends its networks from hackers.

    In the years since, the Russian hacking group has continued to use software providers to try to infiltrate US and European government agencies as part of a long-running quest for intelligence to serve the Kremlin, experts who track the hackers have told CNN.

    The alleged Russian computer operatives have been particularly adept at breaking into cloud computing networks, as they did with the recent breach of HPE. The FBI has observed the hackers targeting cloud computing environments as far back as 2018, in what the bureau said was a likely tactic meant to cover their tracks.

    HPE said in its filing that an investigation found that the December hacking…

    Source…

    Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine

    /in


    Apple has patched an actively exploited zero-day bug in its WebKit browser engine for Safari.

    The bug, assigned as CVE-2024-23222, stems from a type confusion error, which basically is what happens when an application incorrectly assumes the input it receives is of a certain type without actually validating — or incorrectly validating — that to be the case.

    Actively Exploited

    Apple yesterday described the vulnerability as something an attacker could exploit to execute arbitrary code on affected systems. “Apple is aware of a report that this issue may have been exploited,” the company’s advisory noted, without offering any further details.

    The company has released updated versions of iOS, iPadOS, macOS, iPadOS, and tvOS with additional validation checks to address the vulnerability.

    CVE-2024-23222 is the first zero-day vulnerability that Apple has disclosed in WebKit in 2024. Last year, the company disclosed a total of 11 zero-day bugs in the technology — its most ever in a single calendar year. Since 2021, Apple has disclosed a total of 22 WebKit zero-day bugs, highlighting the growing interest in the browser from both researchers and attackers.

    In parallel, Apple’s disclosure of the new WebKit zero-day follows on Google’s disclosure last week of a zero-day in Chrome. It marks at least the third time in recent months where both vendors have disclosed zero-days in their respective browsers in close proximity to each other. The trend suggests that researchers and attackers are probing almost equally for flaws in both technologies, likely because Chrome and Safari are also the most widely used browsers.

    The Spying Threat

    Apple has not disclosed the nature of the exploit activity targeting the newly disclosed zero-day bug. But researchers have reported seeing commercial spyware vendors abusing some of the company’s more recent ones, to drop surveillance software on iPhones of target subjects.

    In September 2023, Toronto University’s Citizen Lab warned Apple about two no-click zero-day vulnerabilities in iOS that a vendor of surveillance software had exploited to drop the Predator spyware tool on an iPhone belonging to an employee at a Washington, D.C.-based organization. The same month,…

    Source…