Threat and Vulnerability Intelligence Database

Description: Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability.
Source: Dark Reading
December 19th, 2024 (4 months ago)
Description: Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The company said it's issuing the advisory after "several customers" reported anomalous behavior on their Session Smart Network (SSN) platforms on December 11, 2024. "These systems have been infected with the Mirai
Source: TheHackerNews
December 19th, 2024 (4 months ago)
Description: In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular hacking forum. Obtained the month before, the data included 237k unique email addresses alongside names, dates of birth and salted SHA-256 password hashes. The standalone store was subsequently shut down with all traffic redirected to their Amazon store.
Source: HaveIBeenPwnedLatestBreaches
December 19th, 2024 (4 months ago)
Description: The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless. Users who visit the
Source: TheHackerNews
December 19th, 2024 (4 months ago)
Description: The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020. An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy statement about what it does with the data
Source: TheHackerNews
December 19th, 2024 (4 months ago)
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications (SCuBA) secure configuration baselines. "Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls,
Source: TheHackerNews
December 19th, 2024 (4 months ago)
Description: We’ve updated the CIR 'Enhanced Level' scheme standard and will be ready to accept applications in the new year.
Source: NCSC Alerts and Advisories
December 19th, 2024 (4 months ago)

CVE-2024-45338

Description: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-45338
https://github.com/golang/go/issues/70906
https://go.dev/cl/637536
https://go.dev/issue/70906
https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ
https://pkg.go.dev/vuln/GO-2024-3333
https://github.com/advisories/GHSA-w32m-9786-jp63

EPSS Score: 0.05%

Source: Github Advisory Database (Go)
December 19th, 2024 (4 months ago)

CVE-2024-36694

Description: Duplicate Advisory. This advisory has been withdrawn because it is a duplicate of GHSA-xrh7-2gfq-4rcq. This link is maintained to preserve external references.
Original Description: OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-36694
https://github.com/opencart/opencart/issues/13863
https://github.com/A3h1nt/CVEs/blob/main/OpenCart/Readme.md
https://github.com/opencart/opencart/releases/tag/4.0.2.3
https://medium.com/@pawarit.sanguanpang/opencart-v4-0-2-3-server-side-template-injection-0b173a3bdcf9
https://github.com/advisories/GHSA-j2v2-3784-vr44

EPSS Score: 0.05%

Source: Github Advisory Database (Composer)
December 19th, 2024 (4 months ago)
Description: In December 2024, the video sharing community BitView suffered a data breach that exposed 63k customer records. Attributed to a backup taken by a previous administrator earlier in the year, the breach exposed email and IP addresses, bcrypt password hashes, usernames, bios, private messages, video comments and, for some records, gender, date of birth and country of location.
Source: HaveIBeenPwnedLatestBreaches
December 19th, 2024 (4 months ago)