CyberAlerts

Super Bowl LIX Could Be a Magnet for Cyberattacks

Description: Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans.

Source: Dark Reading

January 28th, 2025 (5 months ago)

G700 V6 RAT Full Setup Tutorial

Description: G700 V6 RAT Full Setup Tutorial

Source: DarkWebInformer

January 28th, 2025 (5 months ago)

Google to kill Chrome Sync on older Chrome browser versions

Description: Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. [...]

Source: BleepingComputer

January 28th, 2025 (5 months ago)

CVE-2025-0736

[org.infinispan:infinispan-parent] Infinispan vulnerable to Insertion of Sensitive Information into Log File

Description: A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors. References https://nvd.nist.gov/vuln/detail/CVE-2025-0736 https://access.redhat.com/security/cve/CVE-2025-0736 https://bugzilla.redhat.com/show_bug.cgi?id=2342233 https://github.com/advisories/GHSA-269m-c36j-r834

CVSS: MEDIUM (5.5)

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)

January 28th, 2025 (5 months ago)

A Threat Actor is Selling TeraStealer 1.0

Description: A Threat Actor is Selling TeraStealer 1.0

Source: DarkWebInformer

January 28th, 2025 (5 months ago)

Garmin GPS watches crashing, stuck in triangle 'reboot loop'

Description: Garmin users are reporting that their watches crash when using apps that require GPS access and then get stuck in a reboot loop, showing a blue triangle logo. [...]

Source: BleepingComputer

January 28th, 2025 (5 months ago)

Carthage Police Department Has Fallen Victim to RHYSIDA Ransomware

Description: Carthage Police Department Has Fallen Victim to RHYSIDA Ransomware

Source: DarkWebInformer

January 28th, 2025 (5 months ago)

New Apple CPU side-channel attacks steals data from browsers

Description: A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. [...]

Source: BleepingComputer

January 28th, 2025 (5 months ago)

CVE-2024-45339

[github.com/golang/glog] Insecure Temporary File usage in github.com/golang/glog

Description: When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists. References https://nvd.nist.gov/vuln/detail/CVE-2024-45339 https://github.com/golang/glog/pull/74 https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2 https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File https://pkg.go.dev/vuln/GO-2025-3372 https://github.com/advisories/GHSA-6wxm-mpqj-6jpf

EPSS Score: 0.05%

Source: Github Advisory Database (Go)

January 28th, 2025 (5 months ago)

[ismp-grandpa] ismp-grandpa crate accepted incorrect signatures

Description: A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. Description The vulnerability manifests as a verifer that only accepts incorrect signatures of Grandpa precommits and was introduced in this specific commit. Perhaps due to unfamiliarity with core substrate APIs. The if statement should have included a negation check, similar to the previous code, but this was omitted. Causing the verifier to only accept invalid signatures. This vulnerability remained undetected even with integration tests, as the prover was also misconfigured to initialize the Grandpa verifier with the incorrect authority set_id. This causes verification of honest precommit signatures to fail as the message is now malformed, but the verifier indeed only accepts signatures or messages that fail the verification check. But even more devastatingly, the verifier will also accept malicious GRANDPA signatures for any precommit message. This vulnerability has been fixed in this commit and a patch release has been published. Impact This could be used to steal funds or compromise other kinds of cross-chain applications. Patches This vulnerability has been fixed in the latest version of ismp-granpda v15.0.1 Recommendations Users who rely on the compromised versions must upgrade immediately, as all vulnerable versions of the crate has been yanked. References https://github.com/polytope-labs/hyperbrid...

Source: Github Advisory Database (Rust)

January 28th, 2025 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	Super Bowl LIX Could Be a Magnet for Cyberattacks Description: Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans. Source: Dark Reading January 28th, 2025 (5 months ago)
	G700 V6 RAT Full Setup Tutorial Description: G700 V6 RAT Full Setup Tutorial Source: DarkWebInformer January 28th, 2025 (5 months ago)
	Google to kill Chrome Sync on older Chrome browser versions Description: Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. [...] Source: BleepingComputer January 28th, 2025 (5 months ago)
CVE-2025-0736	[org.infinispan:infinispan-parent] Infinispan vulnerable to Insertion of Sensitive Information into Log File Description: A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors. References https://nvd.nist.gov/vuln/detail/CVE-2025-0736 https://access.redhat.com/security/cve/CVE-2025-0736 https://bugzilla.redhat.com/show_bug.cgi?id=2342233 https://github.com/advisories/GHSA-269m-c36j-r834 CVSS: MEDIUM (5.5) EPSS Score: 0.04% Source: Github Advisory Database (Maven) January 28th, 2025 (5 months ago)
	A Threat Actor is Selling TeraStealer 1.0 Description: A Threat Actor is Selling TeraStealer 1.0 Source: DarkWebInformer January 28th, 2025 (5 months ago)
	Garmin GPS watches crashing, stuck in triangle 'reboot loop' Description: Garmin users are reporting that their watches crash when using apps that require GPS access and then get stuck in a reboot loop, showing a blue triangle logo. [...] Source: BleepingComputer January 28th, 2025 (5 months ago)
	Carthage Police Department Has Fallen Victim to RHYSIDA Ransomware Description: Carthage Police Department Has Fallen Victim to RHYSIDA Ransomware Source: DarkWebInformer January 28th, 2025 (5 months ago)
	New Apple CPU side-channel attacks steals data from browsers Description: A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. [...] Source: BleepingComputer January 28th, 2025 (5 months ago)
CVE-2024-45339	[github.com/golang/glog] Insecure Temporary File usage in github.com/golang/glog Description: When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists. References https://nvd.nist.gov/vuln/detail/CVE-2024-45339 https://github.com/golang/glog/pull/74 https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2 https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File https://pkg.go.dev/vuln/GO-2025-3372 https://github.com/advisories/GHSA-6wxm-mpqj-6jpf EPSS Score: 0.05% Source: Github Advisory Database (Go) January 28th, 2025 (5 months ago)
	[ismp-grandpa] ismp-grandpa crate accepted incorrect signatures Description: A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. Description The vulnerability manifests as a verifer that only accepts incorrect signatures of Grandpa precommits and was introduced in this specific commit. Perhaps due to unfamiliarity with core substrate APIs. The if statement should have included a negation check, similar to the previous code, but this was omitted. Causing the verifier to only accept invalid signatures. This vulnerability remained undetected even with integration tests, as the prover was also misconfigured to initialize the Grandpa verifier with the incorrect authority set_id. This causes verification of honest precommit signatures to fail as the message is now malformed, but the verifier indeed only accepts signatures or messages that fail the verification check. But even more devastatingly, the verifier will also accept malicious GRANDPA signatures for any precommit message. This vulnerability has been fixed in this commit and a patch release has been published. Impact This could be used to steal funds or compromise other kinds of cross-chain applications. Patches This vulnerability has been fixed in the latest version of ismp-granpda v15.0.1 Recommendations Users who rely on the compromised versions must upgrade immediately, as all vulnerable versions of the crate has been yanked. References https://github.com/polytope-labs/hyperbrid... Source: Github Advisory Database (Rust) January 28th, 2025 (5 months ago)