CERT-UA Uncovers Gamaredon’s Rapid Data Exfiltration Tactics Following Initial Compromise
The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise.
"As a vector of primary compromise, for the most part, emails and messages in messengers (Telegram, WhatsApp, Signal) are used, in most cases, using previously compromised accounts," the Computer Emergency Response Team of Ukraine (CERT-UA) said in […]
The Hacker News
PyPI suspends new user registration to block malware campaign
The Python Package Index (PyPI) has temporarily suspended user registration and the creation of new projects to deal with an ongoing malware campaign. […]
SAP Security Patch Addresses Privilege Escalation Flaw
SAP is a leading enterprise software suite that integrates business functions such as finance, human resources and supply chain management.
It helps organizations streamline processes, enhance efficiency and make data-driven decisions.
SAP, the German multinational software company, has released security patches for vulnerabilities discovered in its products, including several privilege escalation flaws.
SAP Security Patch
To protect their SAP landscape, customers are urged to visit the SAP Support Portal immediately and apply the newly released security patches.
SAP publishes its fixes on a regular SAP Security Patch Day, held on the second Tuesday of each month in line with the patch schedules of other major vendors.
The following security researchers contributed to this month's security patches:
Ahmed Hamza
Amin ACHOUR
Dzianis Skliar
Fabian Lupa
Ignacio Oliva
Yvan Genuer
Joris van de Vis
Barhaam
Wouter van der Houven
The following companies contributed to this month's security patches:
Onapsis Research Labs
SecurityBridge
TTG Cyber
SAP states that delivering reliable products and cloud services is its utmost commitment and priority, and that a secure setup is a crucial element of data integrity and secure operation.
Vulnerabilities fixed in this patch:
CVE-2023-49583 (CVSS 9.1): Escalation of Privileges in applications developed through SAP Business Application Studio, SAP Web IDE Full-Stack, and SAP Web IDE for SAP HANA
CVE-2023-49583 (CVSS 9.1): Escalation of Privileges in SAP Edge Integration Cell
CVE-2023-50422 (CVSS 9.1): Escalation of Privileges in SAP Edge Integration Cell
CVE-2023-49583 (CVSS 9.1): Escalation of Privileges in SAP Business Technology Platform (BTP) Security Services Integration Libraries
CVE-2023-50422 (CVSS 9.1): Escalation of Privileges in SAP Business Technology Platform (BTP) Security Services Integration Libraries
CVE-2023-50423 (CVSS 9.1): Escalation of Privileges in SAP Business Technology Platform (BTP) Security Services Integration Libraries
CVE-2023-50424 (CVSS 9.1): Escalation of Privileges in SAP Business Technology Platform (BTP) Security Services Integration Libraries
CVE-2024-21737 (CVSS 8.4): Code Injection vulnerability in SAP Application Interface Framework (File Adapter)
CVE-2023-44487 (CVSS 7.5): Denial of Service (DoS) in SAP Web Dispatcher, SAP NetWeaver Application Server ABAP, and ABAP Platform
CVE-2024-22125 (CVSS 7.4): Information Disclosure vulnerability in Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge)
CVE-2024-21735 (CVSS 7.3): Improper Authorization check in SAP LT Replication Server
CVE-2024-21736 (CVSS 6.4): Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management)
CVE-2023-31405 (CVSS 5.3): Log Injection vulnerability in SAP NetWeaver AS for Java (Log Viewer)
CVE-2024-21738 (CVSS 4.1): Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform
CVE-2024-22124 (CVSS 4.1): Information Disclosure vulnerability in SAP NetWeaver Internet Communication Manager
CVE-2024-21734 (CVSS 3.7): URL Redirection vulnerability in SAP Marketing (Contacts App)
Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked
Volkswagen has inadvertently exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details.
The breach, caused by a misconfiguration in the systems of Cariad, VW's software subsidiary, left sensitive data stored in Amazon's cloud publicly accessible for months.
The exposed information included precise GPS data, which allowed for the creation of detailed movement profiles of the vehicles and their owners.
This breach not only compromised the privacy of everyday citizens but also affected high-profile individuals such as politicians, business leaders, and law enforcement officers.
The breach was discovered by the Chaos Computer Club (CCC), a German hacker group known for its ethical hacking practices. The CCC promptly informed Volkswagen of the vulnerability, allowing the company to address the issue before it could be exploited maliciously.
This incident underscores the growing concerns over data privacy in the automotive industry, where connected vehicles are becoming increasingly common.
Volkswagen’s data breach is part of a broader trend of security issues within the automotive sector. A 2023 study by the Mozilla Foundation revealed that modern cars are a “privacy nightmare,” with 25 car brands collecting more data than necessary and 76% of them admitting to the potential resale of this data. Additionally, 68% of the brands had experienced hacks, security incidents, or data leaks in the previous three years.
This incident follows other notable breaches in the industry. In January 2023, a team led by hacker Sam Curry demonstrated how they could access BMW employee and dealer accounts, viewing sales documents.
Similarly, Mercedes-Benz’s internal chat system was compromised, and Kia vehicles were found to be vulnerable to remote unlocking and starting.
The Jeep hack of 2015 remains a legendary example of automotive cybersecurity vulnerabilities. Two IT specialists remotely accessed a Jeep’s electronics through its cellular module, controlling brakes, speed, and radio. This led to a recall of 1.4 million vehicles for a software update to prevent such attacks.
Volkswagen has not yet provided detailed information on how they plan to mitigate the damage or prevent future breaches. However, this incident serves as a stark reminder of the critical need for robust cybersecurity measures in the automotive industry, especially as vehicles become more connected and data-driven.