
Tag

#mac

Threat Round up for February 17 to February 24

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 17 and Feb. 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed...

TALOS
CVE-2023-23296: [EN] Multiple Vulnerabilities in Korenix JetWave Series - CyberDanube

Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.

CVE-2023-25823: Update share links to use FRP instead of SSH tunneling

Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`), a private SSH key is sent to any user that connects to the Gradio machine, which means that a user could access other users' shared Gradio demos. From there, other exploits are possible depending on the level of access/exposure the Gradio app provides. This issue is patched in version 3.13.1; however, users are advised to update to 3.19.1 or later, where the FRP solution has been properly tested.

CVE-2023-24205: GitHub - Fndroid/clash_for_windows_pkg: A Windows/macOS GUI based on Clash

Clash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via overwriting the configuration file (cfw-setting.yaml).

GHSA-3x5j-9vwr-8rr5: Update share links to use FRP instead of SSH tunneling

### Impact

This is a vulnerability which affects anyone using Gradio's share links (i.e. creating a Gradio app and then setting `share=True`) with Gradio versions older than 3.13.1. In these older versions of Gradio, a private SSH key is sent to any user that connects to the Gradio machine, which means that a user could access other users' shared Gradio demos. From there, other exploits are possible depending on the level of access/exposure the Gradio app provides.

### Patches

The problem has been patched. Ideally, users should upgrade to `gradio==3.19.1` or later where the FRP solution has been properly tested.

### Credit

Credit to Greg Sadetsky and Samuel Tremblay-Cossette for alerting the team

Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery

The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner.

Generative AI Changes Everything We Know About Cyberattacks

Generative AI is heating up everywhere and fundamentally changing everything we know about how cybercriminals develop and deploy attacks.

Hydrochasma Threat Group Bombards Targets With Slew of Commodity Malware, Tools

A previously unidentified threat group uses open source malware and phishing to conduct cyber-espionage on shipping and medical labs associated with COVID-19 treatments and vaccines.

Unanswered Questions Cloud the Recent Targeting of an Asian Research Org

A novel threat group, utilizing new malware, is out in the wild. But the who, what, where, and why are yet to be determined, and there's evidence of a false-flag operation.

Cris Thomas: Space Rogue, From L0pht Hacker to IBM Security Influencer

Security Pro File: The old-school hacker traces a path from young hardware tinkerer to senior cybersecurity executive.