Threat Report 12/10/24
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Multiple vulnerabilities have been discovered in Google Android...
Multiple vulnerabilities have been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the user's associated privileges, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.
Affected Systems:
Risk
Remediation Recommendations
References
Multiple vulnerabilities have been discovered in Fortinet FortiSIEM which could allow for remote code execution. FortiSIEM is a multi-tenant SIEM that offers real-time infrastructure and user awareness for precise threat detection, analysis, and reporting. Successful exploitation could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Affected Systems:
Risk
Remediation Recommendations
References
A vulnerability has been discovered in Check Point Security Gateway Products that could allow for credential access. A Check Point Security Gateway sits between an organization’s environment and the Internet to enforce policy and block threats and malware. Successful exploitation of this vulnerability could allow for credential access to local accounts due to an arbitrary file read vulnerability. Other sensitive files such as SSH keys and certificates may also be read. Depending on the privileges associated with the accounts, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Local accounts that are configured to have fewer rights on the system could be less impacted than those that operate with administrative rights.
Affected Systems:
Risk
Remediation Recommendations
References
Multiple vulnerabilities have been discovered in Progress Telerik Report Server, which could allow for remote code execution. Telerik Report Server provides centralized management for Progress’ business intelligence reporting suite through a web application. Successful chain exploitation of these vulnerabilities could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Services whose accounts are configured to have fewer rights on the system could be less impacted than those that operate with administrative rights.
Affected Systems:
Risk
Remediation Recommendations
References
On May 31, Ticketmaster’s parent company, Live Nation Entertainment, revealed in an 8-K filing with the federal Securities and Exchange Commission that it had discovered unauthorized activity regarding Ticketmaster data about a week and a half earlier. A public company files an 8-K when an unexpected major event occurs of interest to shareholders and investors. Live Nation’s investigation found that the data was for sale on the dark web, the secretive corridors of the internet where criminals barter illegally obtained consumer information.
The hacker group ShinyHunters is responsible for the theft of 1.3 terabytes of personally identifiable information, impacting 560 million Ticketmaster customers.
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Multiple vulnerabilities have been discovered in Google Android...
Critical Patches Issued for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could...
Multiple Vulnerabilities in Microsoft Edge (Chromium-Based) Could Allow for Arbitrary Code Execution Multiple vulnerabilities have been discovered...