Ooreofeoluwa Koyejo says
Cisco releases patches for high-severity denial-of-service and elevation of privilege vulnerabilities in IOS XR software
Cisco released patches for multiple vulnerabilities in IOS XR software, including three high-severity flaws leading to denial-of-service (DoS) and elevation of privilege. The most severe of the high-severity bugs is CVE-2024-20320, an issue in the SSH feature of IOS XR that could allow attackers to elevate privileges to root by sending crafted SSH commands to the CLI.
Jon Stillwagon says
https://www.securityweek.com/chromes-standard-safe-browsing-now-has-real-time-url-protection/
This week Chrome’s standard Safe Browsing got real-time URL protection; before, there was an Enhanced Protection mode that had to be enabled in Safe Browsing. Now, with standard Safe Browsing, every known bad domain is stored on Google’s servers. Google will provide a warning with more information if it suspects that you are going to a bad website, and because the checks happen in real time, Google aims to reduce phishing attempts by 25 percent. When you are about to visit a website, Chrome first checks its cache to see whether the destination is safe. If the site is not in the cache, Chrome turns the URL into 32-byte full hashes, truncates them to 4-byte hash prefixes, encrypts them and sends them to a privacy server, which then forwards them to the Safe Browsing server. The improvement is rolling out to desktop users and iOS first, then Android later.
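The hash-prefix flow described in the comment above, as an added example that is not from the article or from Chrome's own code: a simplified model in which the client derives host/path expressions from the URL, hashes each one, sends only 4-byte prefixes over the network, and decides the final full-hash match locally. The expression rules are simplified, and the blocklist, cache layout and server_lookup stand-in are constructed assumptions.

```python
import hashlib
from urllib.parse import urlsplit

def url_expressions(url: str) -> list[str]:
    """Host-suffix x path-prefix strings to hash (simplified Safe Browsing rules)."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host, path = (parts.hostname or "").lower(), parts.path or "/"
    labels = host.split(".")
    # Exact host plus up to four shorter suffixes that keep at least two labels.
    hosts = [host] + [".".join(labels[i:]) for i in range(1, len(labels) - 1)][:4]
    segs = [s for s in path.split("/") if s]
    # "/", each intermediate directory prefix, the exact path, then path + query.
    paths = ["/"] + ["/" + "/".join(segs[:i]) + "/" for i in range(1, len(segs))] + [path]
    if parts.query:
        paths.append(path + "?" + parts.query)
    return sorted({h + p for h in hosts for p in set(paths)})

def full_hashes(url: str) -> list[bytes]:
    """32-byte SHA-256 digests, one per expression; these never leave the client."""
    return [hashlib.sha256(e.encode()).digest() for e in url_expressions(url)]

def check(url: str, cache: dict[bytes, set[bytes]]) -> tuple[str, set[bytes]]:
    """cache maps a 4-byte prefix to the full hashes the server reported unsafe for
    it (empty set = prefix already checked and clean). Returns verdict + prefixes to send."""
    hashes = full_hashes(url)
    unknown = {h[:4] for h in hashes if h[:4] not in cache}
    if unknown:
        return "lookup", unknown                      # only 4-byte prefixes go out
    hit = any(h in cache[h[:4]] for h in hashes)      # full match decided locally
    return ("unsafe" if hit else "safe"), set()

def server_lookup(sent: set[bytes], blocklist: set[bytes]) -> dict[bytes, set[bytes]]:
    """Stand-in for the Safe Browsing server: it sees only prefixes and answers
    with every blocklisted full hash that starts with one of them."""
    return {p: {h for h in blocklist if h.startswith(p)} for p in sent}

# Constructed data: one blocklisted expression and a URL that expands to it.
BLOCKLIST = {hashlib.sha256(b"bad.example.test/login/").digest()}
BAD_URL = "http://bad.example.test/login/?x=1"

def demo(url: str = BAD_URL) -> list[str]:
    """Run the client flow and return the verdicts in order, e.g. ['lookup', 'unsafe']."""
    cache, verdicts = {}, []
    verdict, to_send = check(url, cache)
    verdicts.append(verdict)
    if to_send:                       # second pass after the server answers
        cache.update(server_lookup(to_send, BLOCKLIST))
        verdicts.append(check(url, cache)[0])
    return verdicts
```

The server only ever sees prefixes, so a second, unrelated URL that shares a prefix cannot be distinguished from the flagged one on the server side; the full-hash comparison that produces the verdict stays on the client.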
Eyup Aslanbay says
A ByteDance researcher was mistakenly added to a Slack group chat for the U.S. National Institute of Standards and Technology’s (NIST) Artificial Intelligence Safety Institute Consortium. The individual was quickly removed after NIST realized they were an employee of ByteDance, a company not part of the consortium and involved in debates over national security concerns related to TikTok. This incident highlights potential confidentiality vulnerabilities in such meetings, especially regarding the secure management of communication channels and participant vetting in sensitive AI safety discussions.
https://www.reuters.com/technology/us-standards-body-says-bytedance-researcher-wrongly-added-ai-safety-groupchat-2024-03-18/
Bo Wang says
https://www.infosecurity-magazine.com/news/new-conversation-overflow-tactic/
Researchers have uncovered a cyber-attack strategy called “Conversation Overflow” where attackers use emails with hidden text to trick machine learning (ML) systems and breach enterprise networks. These emails appear normal but contain invisible sections filled with innocuous text, misleading ML algorithms into marking them as safe. This method allows phishing messages to bypass advanced security and directly reach the intended victims. This tactic, which seems to be in a beta testing phase by cybercriminals, challenges the effectiveness of AI and ML in cybersecurity. The attackers aim to steal credentials, particularly from high-ranking officials, for profit. The discovery by SlashNext highlights a significant evolution in cybercriminal methods in the age of AI-driven security, suggesting the need for improved AI/ML defenses, regular security training, and enhanced authentication measures.
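One defender-side check for the hidden-text padding the comment describes, added here as an example and not SlashNext's or any vendor's detector: it splits an HTML message body into rendered text and text inside hidden elements, then flags a message whose hidden filler dwarfs what the reader actually sees. The hidden-style patterns, the thresholds and the two sample emails are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Styles that make text invisible to a reader but not to a text-based classifier.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?![.\d])"
    r"|font-size\s*:\s*0(?:px|pt|em)?(?![.\d])", re.IGNORECASE)
VOID = {"br", "img", "hr", "meta", "link", "input"}   # no closing tag to pop

class HiddenTextSplitter(HTMLParser):
    """Split an HTML body into rendered text and text inside hidden elements."""
    def __init__(self):
        super().__init__()
        self.stack = []        # one bool per open tag: does it hide its content?
        self.skip = 0          # >0 inside <style>/<script>, which is not text at all
        self.visible, self.hidden = [], []
    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        a = dict(attrs)
        hides = "hidden" in a or bool(HIDDEN_STYLE.search(a.get("style") or ""))
        self.stack.append(hides)
        self.skip += tag in ("style", "script")
    def handle_endtag(self, tag):
        if tag not in VOID and self.stack:
            self.stack.pop()
        self.skip -= tag in ("style", "script")
    def handle_data(self, data):
        if self.skip > 0:
            return
        (self.hidden if any(self.stack) else self.visible).append(data)

def score(html: str, min_hidden_words: int = 50, min_ratio: float = 1.0) -> dict:
    """Word counts plus a verdict; the thresholds are assumed tuning values."""
    p = HiddenTextSplitter()
    p.feed(html)
    vis = " ".join(p.visible).split()
    hid = " ".join(p.hidden).split()
    ratio = len(hid) / max(1, len(vis))
    return {"visible_words": len(vis), "hidden_words": len(hid),
            "hidden_ratio": round(ratio, 2),
            "suspicious": len(hid) >= min_hidden_words and ratio >= min_ratio}

# Constructed samples: a short lure padded with benign hidden text, and a clean note.
FILLER = " ".join(["Thanks again for the project update and the meeting notes."] * 8)
SAMPLE = ("<html><body><p>Your mailbox is almost full. Sign in to free up space.</p>"
          '<div style="display:none; font-size:0">' + FILLER + "</div></body></html>")
CLEAN = "<html><body><p>Lunch is at noon on Friday, see you there.</p></body></html>"
```

Feeding the hidden and visible portions to a classifier separately, rather than the whole body, is the point: the benign filler then no longer votes for the message it was attached to.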
Yannick Rugamba says
The city government of Pensacola, Florida, is currently dealing with widespread phone outages due to a cyberattack announced over the weekend. The attack has caused delays in the 311 Citizen Support system, but emergency numbers like 911 remain operational. The city has created alternate phone numbers for various departments to maintain essential services, and the Pensacola International Airport, Port of Pensacola, and city email are operating normally. The spokesperson declined to provide details about the nature of the attack, such as whether it involved ransomware or if a ransom had been paid. This incident is the 21st cyberattack on a local government in the U.S. in 2024, with other recent attacks affecting Birmingham, Alabama, and Bernalillo County, New Mexico, as well as local governments outside the U.S., such as the District of North Vancouver and Leicester City Council in the U.K. https://therecord.media/cyberattack-pensacola-florida-knocks-out-phones
Celinemary Turner says
Misconfigured Firebase Instances Expose 125 Million User Records
https://www.securityweek.com/misconfigured-firebase-instances-expose-125-million-user-records/
Hundreds of websites misconfigured Google Firebase, leaking more than 125 million user records, including plaintext passwords.
The article reports that 125 million user records were exposed due to misconfigured Firebase instances. Firebase is a popular platform for mobile app development. The exposure was caused by configuration errors, highlighting the importance of proper cloud security measures. The exposed records contained sensitive user information, putting users at risk. It all started with the hacking of Chattr, the AI hiring system that serves multiple organizations in the US, including fast food chains such as Applebee’s, Chick-fil-A, KFC, Subway, Taco Bell, and Wendy’s, by three security researchers using the online monikers mrbruh, xyzeva, and logykk.
My take is that developers must prioritize security and take immediate action to prevent further exposure of this kind in the future. This incident also emphasizes the need for strict data privacy regulations to protect user data.
Edge Kroll says
https://www.securityweek.com/misconfigured-firebase-instances-expose-125-million-user-records/
A series of security breaches stemmed from misconfigured Google Firebase instances, leading to the exposure of over 125 million user records, including plaintext passwords. The breaches began with the hacking of Chattr, an AI hiring system used by various US organizations, allowing researchers to gain full privileges to the database through a Firebase weakness. Subsequently, the researchers discovered hundreds of websites exposing sensitive information due to similar misconfigurations, totaling millions of records. Despite attempts to notify affected websites, only a fraction addressed the issue, with few offering bug bounties for vulnerabilities found.