Author: nlqip

Introduction: Welcome to the October 2024 installment of the Sensor Intelligence Series, our monthly summary of vulnerability intelligence based on distributed passive sensor data. Following on from last month’s analysis, scanning of CVE-2017-9841 has fallen to barely a trickle. CVE-2023-1389, an RCE vulnerability in TP-Link Archer AX21 consumer routers, which has been consistently towards…

QNAP has released security bulletins over the weekend, which address multiple vulnerabilities, including three critical severity flaws that users should address as soon as possible. Starting with QNAP Notes Station 3, a note-taking and collaboration application used in the firm’s NAS systems, the following two vulnerabilities impact it: CVE-2024-38643 – Missing authentication for critical functions…

Microsoft has shared a new method to fix a bug preventing app uninstalls or updates on Windows 10 for those unwilling to deploy this month’s preview update. As the company first acknowledged on Thursday, some users have been unable to update or uninstall packaged applications like Microsoft Teams and other third-party apps after receiving the…

Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK. Blue Yonder (formerly JDA Software) operates as a Panasonic subsidiary with an annual revenue of over a billion USD and 6,000 employees. The company offers AI-driven supply chain…

A Kansas City man has been indicted for allegedly hacking into computer networks and using this access to promote his cybersecurity services. According to the Department of Justice, Nicholas Michael Kloster, 31, of Kansas City, Missouri, breached two computer networks, a health club business and a nonprofit organization. According to the indictment unsealed on Friday, Kloster had…

Microsoft now blocks the Windows 11 24H2 update on computers with USB scanners that support the eSCL protocol, a driverless scanning protocol that works over Ethernet, Wi-Fi, and USB connections. The list of impacted devices includes standalone scanners and other devices with scan functionality, such as multi-function printers, fax machines, modems, and other network devices…

The Thailand police located a van and arrested its driver for using an SMS blaster device to spam over 100,000 SMS phishing texts an hour to people living in Bangkok. The device, which reportedly had a range of approximately three kilometers (10,000 feet), could send out messages at a rate of 100,000 every hour. Over three…

CISA has received multiple reports of a large-scale spearphishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spearphishing emails containing malicious remote desktop protocol (RDP) files to targeted organizations to connect to and access files stored on the target’s…

Meta announced that it has taken down 2 million accounts across its platforms since the beginning of the year that are linked to pig butchering and other scams. Most of these accounts originate from Myanmar, Laos, the United Arab Emirates, the Philippines, and Cambodia, which is known for hosting “scam slave” operations. “These criminal scam…

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-28461, Array Networks AG and vxAG ArrayOS Improper Authentication Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant…
