CyberAlerts

NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers

Description: NETGEAR has released security updates for multiple Nighthawk gaming routers, patching a critical unauthenticated remote code execution (RCE) vulnerability that could allow attackers to take control of affected devices. The company strongly advises users to install the latest firmware to mitigate the risk. The vulnerability, tracked under PSV-2023-0039, was reported through Bugcrowd, NETGEAR’s bug bounty … The post NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers appeared first on CyberInsider.

Source: CyberInsider

February 3rd, 2025 (5 months ago)

Fedora 41 : buku (2025-e035838041)

Description: Nessus Plugin ID 214873 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e035838041 advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214873

Source: Tenable Plugins

February 3rd, 2025 (5 months ago)

Fedora 40 : buku (2025-df3432c3ee)

Description: Nessus Plugin ID 214874 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-df3432c3ee advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214874

Source: Tenable Plugins

February 3rd, 2025 (5 months ago)

CVE-2018-18836

Ubuntu 20.04 LTS / 24.10 : Netdata vulnerabilities (USN-7250-1)

Description: Nessus Plugin ID 214875 with Critical Severity Synopsis The remote Ubuntu host is missing one or more security updates. Description The remote Ubuntu 20.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7250-1 advisory. It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18836) It was discovered that Netdata incorrectly handled parsing HTTP headers, which could lead to a HTTP header injection. An attacker could possibly use this issue to cause a denial of service or leak sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18837) It was discovered that Netdata incorrectly handled parsing URLs, which could lead to a log injection. An attacker could possibly use this issue to consume system resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18838) It was discovered Netdata improperly authenticated API keys. An attacker could possibly use this issue to leak sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-22497) It was discovered Fluent Bit, vendored in Netdata, incorrectly handled parsing HTTP payloads. An attacker c...

Source: Tenable Plugins

February 3rd, 2025 (5 months ago)

WhatsApp Says Zero-Click Attack Infected Users With Spyware

Description: WhatsApp has revealed that nearly 100 journalists and civil society members were targeted using spyware developed by the Israeli firm Paragon Solutions. The attack, which likely compromised the devices of some victims, was identified and disrupted in December 2024. While the perpetrators remain unknown, WhatsApp has sent a cease-and-desist letter to Paragon and is exploring … The post WhatsApp Says Zero-Click Attack Infected Users With Spyware appeared first on CyberInsider.

Source: CyberInsider

February 3rd, 2025 (5 months ago)

Privacy Commissioner warns the ‘John Smiths’ of the world can acquire ‘digital doppelgangers’

Source: TheRegister

February 3rd, 2025 (5 months ago)

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware

Description: A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer. "Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a

Source: TheHackerNews

February 3rd, 2025 (5 months ago)

DragonNest - 511,290 breached accounts

Description: In August 2013, the massively multiplayer online role-playing game (MMORGP) DragonNest suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 500k unique email addresses along with usernames, IP addresses and plain text passwords. The service later suffered a massive data loss.

Source: HaveIBeenPwnedLatestBreaches

February 3rd, 2025 (5 months ago)

Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP

Source: TheRegister

February 3rd, 2025 (5 months ago)

CVE-2024-50304

ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()

Description: In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the control path where the mutex is taken. Add a lockdep expression to hlist_for_each_entry_rcu() in ip_tunnel_find() in order to validate that the mutex is held and to silence the suspicious RCU usage warning [1]. [1] WARNING: suspicious RCU usage 6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted ----------------------------- net/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by ip/362: #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60 stack backtrace: CPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 Call Trace: dump_stack_lvl+0xba/0x110 lockdep_rcu_suspicious.cold+0x4f/0xd6 ip_tunnel_find+0x435/0x4d0 ip_tunnel_newlink+0x517/0x7a0 ipgre_newlink+0x14c/0x170 __rtnl_newlink+0x1173/0x19c0 rtnl_newlink+0x6c/0xa0 rtnetlink_rcv_msg+0x3cc/0xf60 netlink_rcv_skb+0x171/0x450 netlink_unicast+0x539/0x7f0 netlink_sendmsg+0x8c1/0xd80 ____sys_sendmsg+0x8f9/0xc20 ___sys_sendmsg+0x197/0x1e0 __sys_sendmsg+0x122/0x1f0 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f

EPSS Score: 0.04%

Source: CVE

February 3rd, 2025 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers Description: NETGEAR has released security updates for multiple Nighthawk gaming routers, patching a critical unauthenticated remote code execution (RCE) vulnerability that could allow attackers to take control of affected devices. The company strongly advises users to install the latest firmware to mitigate the risk. The vulnerability, tracked under PSV-2023-0039, was reported through Bugcrowd, NETGEAR’s bug bounty … The post NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers appeared first on CyberInsider. Source: CyberInsider February 3rd, 2025 (5 months ago)
	Fedora 41 : buku (2025-e035838041) Description: Nessus Plugin ID 214873 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e035838041 advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214873 Source: Tenable Plugins February 3rd, 2025 (5 months ago)
	Fedora 40 : buku (2025-df3432c3ee) Description: Nessus Plugin ID 214874 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-df3432c3ee advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214874 Source: Tenable Plugins February 3rd, 2025 (5 months ago)
CVE-2018-18836	Ubuntu 20.04 LTS / 24.10 : Netdata vulnerabilities (USN-7250-1) Description: Nessus Plugin ID 214875 with Critical Severity Synopsis The remote Ubuntu host is missing one or more security updates. Description The remote Ubuntu 20.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7250-1 advisory. It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18836) It was discovered that Netdata incorrectly handled parsing HTTP headers, which could lead to a HTTP header injection. An attacker could possibly use this issue to cause a denial of service or leak sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18837) It was discovered that Netdata incorrectly handled parsing URLs, which could lead to a log injection. An attacker could possibly use this issue to consume system resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18838) It was discovered Netdata improperly authenticated API keys. An attacker could possibly use this issue to leak sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-22497) It was discovered Fluent Bit, vendored in Netdata, incorrectly handled parsing HTTP payloads. An attacker c... Source: Tenable Plugins February 3rd, 2025 (5 months ago)
	WhatsApp Says Zero-Click Attack Infected Users With Spyware Description: WhatsApp has revealed that nearly 100 journalists and civil society members were targeted using spyware developed by the Israeli firm Paragon Solutions. The attack, which likely compromised the devices of some victims, was identified and disrupted in December 2024. While the perpetrators remain unknown, WhatsApp has sent a cease-and-desist letter to Paragon and is exploring … The post WhatsApp Says Zero-Click Attack Infected Users With Spyware appeared first on CyberInsider. Source: CyberInsider February 3rd, 2025 (5 months ago)
	Privacy Commissioner warns the ‘John Smiths’ of the world can acquire ‘digital doppelgangers’ Source: TheRegister February 3rd, 2025 (5 months ago)
	Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware Description: A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer. "Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a Source: TheHackerNews February 3rd, 2025 (5 months ago)
	DragonNest - 511,290 breached accounts Description: In August 2013, the massively multiplayer online role-playing game (MMORGP) DragonNest suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 500k unique email addresses along with usernames, IP addresses and plain text passwords. The service later suffered a massive data loss. Source: HaveIBeenPwnedLatestBreaches February 3rd, 2025 (5 months ago)
	Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP Source: TheRegister February 3rd, 2025 (5 months ago)
CVE-2024-50304	ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() Description: In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the control path where the mutex is taken. Add a lockdep expression to hlist_for_each_entry_rcu() in ip_tunnel_find() in order to validate that the mutex is held and to silence the suspicious RCU usage warning [1]. [1] WARNING: suspicious RCU usage 6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted ----------------------------- net/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by ip/362: #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60 stack backtrace: CPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 Call Trace: dump_stack_lvl+0xba/0x110 lockdep_rcu_suspicious.cold+0x4f/0xd6 ip_tunnel_find+0x435/0x4d0 ip_tunnel_newlink+0x517/0x7a0 ipgre_newlink+0x14c/0x170 __rtnl_newlink+0x1173/0x19c0 rtnl_newlink+0x6c/0xa0 rtnetlink_rcv_msg+0x3cc/0xf60 netlink_rcv_skb+0x171/0x450 netlink_unicast+0x539/0x7f0 netlink_sendmsg+0x8c1/0xd80 ____sys_sendmsg+0x8f9/0xc20 ___sys_sendmsg+0x197/0x1e0 __sys_sendmsg+0x122/0x1f0 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f EPSS Score: 0.04% Source: CVE February 3rd, 2025 (5 months ago)