Jan 19, 2024: Firmware flaws, Docker alert, and cyber warnings galore

January 19, 2024

Bullet Points:

  • Nine vulnerabilities found in server firmware
  • Graphic processors have a memory leak vulnerability
  • Malware targeting vulnerable Docker services
  • Advisory on fighting Androxgh0st malware
  • Financial services sector facing phishing attacks
  • Iranian-based threat group targeting Middle Eastern experts

Nine vulnerabilities have been found in an open-source reference implementation of a protocol that allows enterprise computers and data centre servers to boot across a network. Researchers at Quarkslab say the problems are in the TCP/IP stack specification maintained by Tianocore, a community of developers from software vendors including Microsoft, ARM, American Megatrends, Phoenix Technologies and others that use the project for their firmware implementations.

Separately, the Carnegie CERT issued a warning that general-purpose graphic processors from AMD, Apple and Qualcomm have a memory leak vulnerability. IT managers should watch for security updates from their hardware makers.

Researchers at Cado Security have warned Docker administrators to make sure their containers are secure following the discovery of malware hunting for vulnerable Docker services. The malware installs a cryptominer and a threat application called 9hits in compromised containers. The method by which the malware is spread is not currently known.

American cybersecurity authorities have issued an advisory to help defenders fight the Androxgh0st malware, which is being used to create a botnet. Its goals include stealing login credentials and compromising websites.

Research from Abnormal Security highlights that attacks on the financial sector have increased in recent years. IT departments are advised to mitigate the risk of phishing attacks by implementing appropriate defences.

The Iranian-based threat group, Mint Sandstorm, has been targeting Middle Eastern affairs experts according to Microsoft. The group is using phishing lures to trick its targets and gain access to their computers via a backdoor.

For a more comprehensive roundup of all the latest cybersecurity threats and developments, listen to the Week in Review podcast.
