Jan 19, 2024: Firmware flaws, Docker alert, and cyber warnings galore

January 19, 2024

Bullet Points:

  • Nine vulnerabilities found in server firmware
  • Graphic processors have a memory leak vulnerability
  • Malware targeting vulnerable Docker services
  • Advisory to help fight Androxgh0st malware
  • Financial services sector facing phishing attacks
  • Iranian-based threat group targeting Middle Eastern experts

Nine vulnerabilities have been found in an open-source reference implementation of a protocol that allows enterprise computers and data centre servers to boot across a network. Researchers at Quarkslab say the problems are in the TCP/IP stack specification maintained by Tianocore, a community of developers from software vendors including Microsoft, ARM, American Megatrends, Phoenix Technologies and others that use the project for their firmware implementations.

Separately, the Carnegie CERT issued a warning that general-purpose graphic processors from AMD, Apple and Qualcomm have a memory leak vulnerability. IT managers should watch for security updates from their hardware makers.

Researchers at Cado Security have warned Docker administrators to make sure their containers are secure following the discovery of malware hunting for vulnerable Docker services. The malware installs a cryptominer and a threat application called 9hits in compromised containers. The method by which the malware is spread is not currently known.

American cybersecurity authorities have issued an advisory to help defenders fight the Androxgh0st malware, which is being used to create a botnet. Its goals include stealing login credentials and compromising websites.

Research from Abnormal Security has highlighted that attacks on the financial sector have increased in recent years. It is suggested that IT departments try to mitigate the risk of phishing attacks by implementing appropriate defences.

The Iranian-based threat group Mint Sandstorm has been targeting Middle Eastern affairs experts, according to Microsoft. The group is using phishing lures to trick its targets and gain access to their computers via a backdoor.

For a more comprehensive roundup of all the latest cybersecurity threats and developments, listen to the Week in Review podcast.
