#intel

Plus: Researchers find RedNote lacks basic security measures, surveillance ramps up around the US-Mexico border, and the UK ordering Apple to create an encryption backdoor comes under fire.

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities in ClearML and four vulnerabilities in Nvidia.  The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.    For Snort

A vulnerability exists in the ABB Cylon FLXeon controller that allows unauthenticated access to the Building Management System (BMS) or Building Automation System (BAS) dashboard. This exposes sensitive information, including system status, events, and alarms related to HVAC operations. Additionally, an attacker could manipulate environmental controls such as temperature settings, potentially disrupting building climate regulation and operational safety.

A vulnerability exists due to an insecure backup.tgz file that, when obtained, contains sensitive system files, including main.db, SSL/TLS certificates and keys, the system shadow file with hashed passwords, and the license key. Although authentication is required to access the backup, an attacker with access could extract these files to retrieve stored credentials, decrypt secure communications, and escalate privileges by cracking password hashes. This exposure poses a significant security risk, potentially leading to unauthorized access, data breaches, and full system compromise.

A timing attack vulnerability exists in ABB Cylon FLXeon's authentication process due to improper comparison of password hashes in login.js and uukl.js. Specifically, the verifyPassword() function in login.js and the verify() function in uukl.js both calculate the password hash and compare it to the stored hash. In these implementations, small differences in response times are introduced based on how much of the password or the username matches the stored hash, making the system vulnerable to timing-based analysis.

Companies pursing internal AI development using models from Hugging Face and other open source repositories need to focus on supply chain security and checking for vulnerabilities.

The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months.

Cybersecurity experts weigh in on the red flags flying around the new Department of Government Efficiency's handling of the mountains of US data it now has access to, potentially without basic information security protections in place.

With investment in cybersecurity capabilities and proactive measures to address emerging challenges, we can work together to navigate the complexities of combating cybercrime.

Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim.