Threat Advisory – August 25 – 31

Hacker picture

CySec News

A critical command injection vulnerability in a Bitbucket product could allow an attacker to execute arbitrary code, researchers warn. Bitbucket is a Git-based source code repository hosting service owned by Atlassian. The flaw, tracked as CVE-2022-36804, is a command injection vulnerability in multiple API endpoints of Bitbucket Server and Data Center.

Reference: https://portswigger.net/daily-swig/critical-command-injection-vulnerability-discovered-in-bitbucket-server-and-data-center

 

Password management firm LastPass was hacked two weeks ago, enabling threat actors to steal the company’s source code and proprietary technical information.

Reference: https://www.bleepingcomputer.com/news/security/lastpass-developer-systems-hacked-to-steal-source-code/

 

Microsoft Azure customers’ virtual machines (VMs) running Ubuntu 18.04 have been taken offline by an ongoing outage caused by a faulty systemd update. The outage started nine hours earlier, around 06:00 UTC, after the affected customers upgraded to systemd version 237-3ubuntu10.54 and their VMs started experiencing DNS errors, with no DNS resolver addresses available on impacted systems.

Reference: https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-outage-knocks-ubuntu-vms-offline-after-buggy-update/

 

Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users’ browsing activity and profit of retail affiliate programs. “The extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website,” McAfee researchers Oliver Devane and Vallabh Chole said.

Reference: https://thehackernews.com/2022/08/experts-find-malicious-cookie-stuffing.html

 

Nation-state threat actors are increasingly adopting and integrating the Sliver command-and-control (C2) framework in their intrusion campaigns as a replacement for Cobalt Strike. “Given Cobalt Strike’s popularity as an attack tool, defenses against it have also improved over time,” Microsoft security experts said. “Sliver thus presents an attractive alternative for actors looking for a lesser-known toolset with a low barrier for entry.”

Reference: https://thehackernews.com/2022/08/cybercrime-groups-increasingly-adopting.html

CVE’s of the Week

Cisco

CVE-2022-20921

Dell

CVE-2022-33932

CVE-2022-32480

CVE-2022-31238

CVE-2022-31237

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.