The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli organizations.
Agrius, also known as Pink Sandstorm (formerly Americium), has a track record of staging destructive data-wiping attacks aimed at Israel under the guise of ransomware infections.
Microsoft has attributed the threat actor to Iran’s Ministry of …
Google Chrome Security Flaw Let Attackers to Crash the Browser
As part of a security update for Chrome, Google has upgraded the Stable channels to 118.0.5993.117 for Mac and Linux and 118.0.5993.117/.118 for Windows.
The Extended Stable channel has been upgraded to 118.0.5993.117 for Mac and 118.0.5993.118 for Windows.
There are two security fixes in this release. The update will roll out over the coming days and weeks.
High Severity Flaw Addressed
A use-after-free in Profiles is tracked as CVE-2023-5472 and has a severity level of “High.” Referencing memory after it has been released can cause the browser to crash, use unexpected values, or execute code. Hence, it can affect confidentiality, reliability, and accessibility.
Generally, a use-after-free (UAF) arises when dynamic memory is used improperly while a program is running. If a program frees memory but fails to clear the pointer to that memory, an attacker can use the dangling pointer to compromise the program.
Successful exploitation requires user interaction. Google awarded $3000 to the researcher @18楼梦想改造家 in recognition of their findings.
Chrome Security Update
Google recommends that users update to the most recent version of Google Chrome to prevent exploitation of these vulnerabilities.
“The Stable channel has been updated to 118.0.5993.117 for Mac and Linux and 118.0.5993.117/.118 for Windows”, Google said.
“The Extended Stable channel has been updated to 118.0.5993.117 for Mac and 118.0.5993.118 for Windows”.
How to Update Google Chrome
On your computer, open Chrome.
At the top right, click More.
Click Help > About Google Chrome.
Click Update Google Chrome. Important: If you can’t find this button, you’re on the latest version.
Click Relaunch.
The post Google Chrome Security Flaw Let Attackers to Crash the Browser appeared first on Cyber Security News.
Cyber Security News
NVIDIA Triton Server Flaw Let Attackers Execute Remote Code
Two critical vulnerabilities have been discovered in NVIDIA’s Triton Inference Server, a widely used AI inference server.
These vulnerabilities, CVE-2024-0087 and CVE-2024-0088, pose severe risks, including remote code execution and arbitrary address writing, potentially compromising the security of AI models and sensitive data.
CVE-2024-0087: Arbitrary File Write
The first vulnerability, CVE-2024-0087, involves the Triton Server’s log configuration interface.
The /v2/logging endpoint accepts a log_file parameter, allowing users to set an absolute path for log file writing.
Attackers can exploit this feature to write arbitrary files, including critical system files like /root/.bashrc or /etc/environment.
By injecting malicious shell scripts into these files, attackers can achieve remote code execution when the server executes the scripts.
Proof of Concept
A proof of concept (POC) demonstrates the exploitability of this vulnerability.
An attacker can write a command to a critical file by sending a crafted POST request to the logging interface.
For instance, writing to /root/.bashrc and then executing a command to confirm the attack showcases the potential for severe damage.
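On the defensive side, a reverse proxy in front of Triton can refuse any /v2/logging update whose log_file leaves a dedicated log directory. The following is an added example, not NVIDIA's fix or code from the original article; the directory /var/log/triton, the function names and the JSON-object body layout are assumptions, and the sample bodies are constructed.

```python
import json
import os

# Assumption for this example: the one directory Triton is allowed to log into.
ALLOWED_LOG_DIR = "/var/log/triton"


def check_log_file(path, allowed_dir=ALLOWED_LOG_DIR):
    """Return (ok, detail) for a requested log_file value."""
    if not isinstance(path, str) or "\x00" in path:
        return False, "log_file must be a string without NUL bytes"
    base = os.path.realpath(allowed_dir)
    # Relative names are anchored in the allowed directory; an absolute path
    # replaces the base in os.path.join and is then judged on its own.
    resolved = os.path.realpath(os.path.join(base, path))
    # realpath collapses ".." and follows symlinks before the comparison.
    if resolved == base or os.path.commonpath([base, resolved]) != base:
        return False, "resolves outside %s: %s" % (base, resolved)
    return True, resolved


def filter_logging_request(method, url_path, body):
    """Decide whether a proxy should forward this request to Triton."""
    if method != "POST" or url_path.rstrip("/") != "/v2/logging":
        return True, "not a logging settings update"
    try:
        settings = json.loads(body)
    except ValueError:
        return False, "body is not valid JSON"
    if not isinstance(settings, dict):
        return False, "body is not a JSON object"
    if "log_file" not in settings:
        return True, "log_file not changed"
    return check_log_file(settings["log_file"])


# Constructed sample request bodies, not captured traffic.
SAMPLES = [
    '{"log_file": "server.log"}',
    '{"log_file": "/var/log/triton/run1/server.log"}',
    '{"log_file": "/root/.bashrc"}',
    '{"log_file": "/var/log/triton/../../../etc/environment"}',
    '{"log_info": true}',
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(body, "->", filter_logging_request("POST", "/v2/logging", body))
```

A filter like this complements patching and restricting network access to the logging endpoint; it does not replace either.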
CVE-2024-0088: Inadequate Parameter Validation
The second vulnerability, CVE-2024-0088, stems from inadequate parameter validation in Triton Server’s shared memory handling. This flaw allows arbitrary address writing through the output result process.
An attacker can cause a segmentation fault by manipulating the shared_memory_offset and shared_memory_byte_size parameters, leading to potential memory data leakage.
Proof of Concept
A POC for CVE-2024-0088 involves registering a shared memory region and then making an inference request with a malicious offset.
This results in a segmentation fault, demonstrating the vulnerability’s impact on the server’s stability and security.
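The validation this class of bug calls for is a bounds check of shared_memory_offset and shared_memory_byte_size against the size of the registered region. The following is an added example, not Triton's code or NVIDIA's patch; the region name and sizes are constructed, the shared_memory_region key is taken from Triton's shared-memory extension, and the naive check illustrates a common mistake rather than the actual flaw. It goes slightly beyond the article by also covering 64-bit wraparound.

```python
U64_MAX = (1 << 64) - 1  # both parameters are modelled as unsigned 64-bit


def naive_in_bounds(offset, byte_size, region_size):
    """Common mistake (illustration only): the 64-bit sum can wrap around."""
    return ((offset + byte_size) & U64_MAX) <= region_size


def safe_in_bounds(offset, byte_size, region_size):
    """Overflow-free check that [offset, offset + byte_size) fits the region."""
    for value in (offset, byte_size, region_size):
        if isinstance(value, bool) or not isinstance(value, int):
            return False
        if not 0 <= value <= U64_MAX:
            return False
    # Compare by subtraction so no intermediate value can exceed 64 bits.
    return offset <= region_size and byte_size <= region_size - offset


def check_output(regions, output_params):
    """Validate one output's shared-memory parameters against the registry.

    regions maps a registered region name to its size in bytes.
    """
    name = output_params.get("shared_memory_region")
    if name not in regions:
        return False, "region is not registered"
    offset = output_params.get("shared_memory_offset", 0)
    size = output_params.get("shared_memory_byte_size")
    if not safe_in_bounds(offset, size, regions[name]):
        return False, "offset/byte_size fall outside region %r" % name
    return True, "ok"


# Constructed values: one 64-byte region and three candidate requests.
REGIONS = {"output_data": 64}
REQUESTS = [
    {"shared_memory_region": "output_data", "shared_memory_byte_size": 64},
    {"shared_memory_region": "output_data", "shared_memory_offset": 32,
     "shared_memory_byte_size": 64},
    {"shared_memory_region": "output_data",
     "shared_memory_offset": U64_MAX - 7, "shared_memory_byte_size": 16},
]

if __name__ == "__main__":
    for req in REQUESTS:
        print(check_output(REGIONS, req))
```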
Implications and Industry Response
The discovery of these vulnerabilities highlights the critical need for robust AI security measures.
Exploiting these flaws could lead to unauthorized access, data theft, and manipulation of AI model results, posing significant risks to user privacy and corporate interests.
Companies relying on Triton Server for AI services must urgently apply patches and enhance security protocols to mitigate these threats.
As AI technology advances, ensuring the security of AI infrastructure is paramount.
The vulnerabilities in NVIDIA’s Triton Inference Server are a stark reminder of the ongoing challenges in AI security, necessitating vigilant efforts to protect against potential exploits.
The post NVIDIA Triton Server Flaw Let Attackers Execute Remote Code appeared first on Cyber Security News.

Thoma Bravo completes acquisition of ForgeRock. SentinelOne may be exploring a sale. SpyCloud secures $110 million.
Gamma acquires Satisnet. Grip Security raises $41 million in Series B round.
The CyberWire