Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal.
Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group’s activities since mid-2020, characterized the adversary as both capable and stealthy.
The targeting scope of the campaign is focused on Afghanistan, Azerbaijan, Iran, Iraq,
Related Posts
CISA Warns of 4 New Vulnerabilities Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting significant security risks for various devices used worldwide.
These vulnerabilities, which have been actively exploited in the wild, emphasize the need for organizations to prioritize their mitigation efforts to safeguard their infrastructure and data.
Details of the Vulnerabilities
CVE-2018-14933 – NUUO NVRmini Devices OS Command Injection
This vulnerability affects NUUO NVRmini devices, allowing remote attackers to execute commands using shell metacharacters in the uploaddir parameter during a writeuploaddir command.
Classified as an OS command injection flaw (CWE-78), it enables unauthorized remote access to critical operations. Since these devices are now End-of-Life (EoL) or End-of-Service (EoS), CISA recommends users discontinue their use to mitigate associated security risks.
CVE-2022-23227 – NUUO NVRmini 2 Devices Missing Authentication
This flaw impacts NUUO NVRmini 2 devices and arises from a missing authentication mechanism (CWE-306). Exploitation allows attackers to upload encrypted TAR archives, which can be abused to add arbitrary users to the system.
Since the affected product is EoL or EoS, users are strongly advised to phase it out and explore alternative solutions.
CVE-2019-11001 – Reolink Multiple IP Cameras OS Command Injection
This vulnerability affects Reolink IP cameras, including models such as RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W. It allows authenticated administrators to exploit the “TestEmail” functionality and inject OS commands as root.
This OS command injection issue (CWE-78) poses a critical security threat. CISA recommends discontinuing usage of the product if no effective mitigations are available.
CVE-2021-40407 – Reolink RLC-410W OS Command Injection
This vulnerability specifically impacts the Reolink RLC-410W camera. An authenticated OS command injection flaw (CWE-78) exists in the device’s network settings functionality, providing attackers with the ability to execute commands.
If no mitigations are in place, users should immediately cease product usage.
The KEV catalog, maintained by CISA, serves as a vital resource for organizations to address vulnerabilities that attackers are actively exploiting.
Updated in multiple formats (CSV, JSON, JSON Schema), this catalog helps network defenders prioritize vulnerability management in alignment with real-world threat activity.
Organizations are encouraged to assess their systems for exposure to these vulnerabilities and implement necessary measures before CISA’s recommended deadline of January 8, 2025.
By leveraging the KEV catalog, security teams can enhance their defenses and reduce the risk of exploitation.
The post CISA Warns of 4 New Vulnerabilities Exploited in the Wild appeared first on Cyber Security News.
Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware
The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that spreads through compromised USB drives.
"While their primary focus has traditionally been Southeast Asian countries, this latest discovery reveals their global reach and highlights the alarming role USB drives play in spreading malware," Check Point said in new
The Hacker News | #1 Trusted Cybersecurity News Site
CISA Warns of Apache Superset Vulnerability Exploitation
CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog.
The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek.
SecurityWeek RSS Feed