Although the breach occurred in November 2022, T-Mobile first noticed malicious activity around the beginning of January. The attacker had taken over an exploited API, leading to the leakage of data.

These were some of the major breaches, and as usual, we see mentions of leaked credentials, phishing, exposed APIs, and whatnot. These things will continue throughout the year; take our word for it.

Sudo Exploit: CVE-2023-22809

Another year, another major sudo vulnerability. A flaw in the sudoedit (or “sudo -e”) implementation allowed users with permission to execute sudoedit as root to edit unauthorized files. This was demonstrated in one proof-of-concept exploit, where the “sudoers” file (which contains sudo-related configuration) was edited to give arbitrary root access. Versions from 1.8.0 up to 1.9.11 (both included) are affected by this vulnerability, and it is advised to upgrade to 1.9.12, which is the patched version. Otherwise, affected systems will remain vulnerable.

A hacktivist collective known as KillNet, formed sometime in March 2022, has continued to threaten multiple sectors including banking, healthcare, airlines, etc. The pro-Russia hacking group recently hit NATO’s headquarters in an attempt to stop its aid program for the devastating earthquakes that struck the Turkey and Syria region earlier this month.

Further, KillNet has recently targeted the healthcare industry in the US and Europe. Websites of multiple medical institutions were brought down in a series of DDoS attacks at the end of January. Data was also stolen and published by the threat actor. KillNet continues to perform DDoS attacks on high-value targets and threaten others.

As we all know, the Mirai botnet is one of the most notorious in cybersecurity history. Since its discovery in 2016, Mirai has successfully performed multiple high-profile DDoS attacks. Over the years, numerous Mirai variants have caused havoc, and new variants keep emerging because the Mirai botnet’s source code is open source.

2023 is no different. Palo Alto’s security intelligence team, Unit 42, revealed that the Mirai botnet has resurfaced in the form of a new variant, dubbed V3G4. As before, the botnet targets Linux and IoT devices with a public IP address. The variant looks for unpatched devices and exploits known vulnerabilities, mainly remote code execution flaws, to compromise systems. It is advised to keep all your devices up to date to avoid unintended vulnerabilities.

Chromebooks are widely used in colleges, schools, and institutions as enrolled devices that only allow access to specific functionality, which is controlled by administrators who create policies depending on the requirement.

A new exploit dubbed “Sh1mmer” is a jailbreaking technique that lets users bypass the device restrictions and unenroll the device from the managed network. The exploit works by gaining arbitrary remote code execution during the recovery mode of ChromeOS. All that is needed is a USB stick with a custom “shim” image that matches the version of the Chromebook board.
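For the sudoedit flaw (CVE-2023-22809) covered in the sudo section above, the accounts at risk are those that hold sudoedit rights, so a first triage step is listing them from the sudoers policy. This is an added example, not code from the original article: the sample policy is constructed, the parser is simplified (no include files), and the `env_delete` check reflects the workaround published in the sudo project's advisory, which this page does not mention.

```python
import re

# Constructed sample policy for illustration; not taken from any real host.
SAMPLE_SUDOERS = r"""
# web team
Defaults env_reset
Cmnd_Alias EDIT_WEB = sudoedit /etc/nginx/nginx.conf, \
                      sudoedit /etc/nginx/conf.d/*
Cmnd_Alias RESTART = /usr/bin/systemctl restart nginx
root   ALL = (ALL:ALL) ALL
alice  ALL = (root) EDIT_WEB, RESTART
bob    web01 = (root) NOPASSWD: sudoedit /etc/motd
%ops   ALL = (root) RESTART
"""
EDITOR_VARS = {"SUDO_EDITOR", "VISUAL", "EDITOR"}

def logical_lines(text):
    """Join backslash continuations, then drop comments and blank lines."""
    joined = re.sub(r"\\\n\s*", " ", text)
    lines = (ln.split("#", 1)[0].strip() for ln in joined.splitlines())
    return [ln for ln in lines if ln]

def sudoedit_grants(text):
    """Return sorted (who, command) pairs for rules that grant sudoedit."""
    lines, aliases, grants = logical_lines(text), {}, []
    for ln in lines:  # pass 1: collect command aliases
        m = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", ln)
        if m:
            aliases[m.group(1)] = [c.strip() for c in m.group(2).split(",")]
    for ln in lines:  # pass 2: user specifications
        if re.match(r"(Defaults|\w+_Alias)\b", ln) or "=" not in ln:
            continue
        who, cmds = ln.split()[0], re.sub(r"\([^)]*\)", "", ln.split("=", 1)[1])
        for cmd in cmds.split(","):
            cmd = re.sub(r"^(\s*\w+:\s*)+", "", cmd).strip()  # drop NOPASSWD: etc.
            for real in aliases.get(cmd, [cmd]):  # expand alias if one matches
                if real.split()[:1] == ["sudoedit"]:
                    grants.append((who, real))
    return sorted(grants)

def editor_vars_removed(text):
    """True if a Defaults line env_deletes all three editor variables."""
    for ln in logical_lines(text):
        m = re.match(r'Defaults\S*\s+env_delete\s*\+?=\s*"([^"]*)"', ln)
        if m and EDITOR_VARS <= set(m.group(1).split()):
            return True
    return False

if __name__ == "__main__":
    for who, cmd in sudoedit_grants(SAMPLE_SUDOERS):
        print(f"{who}: {cmd}")
    print("editor variables stripped:", editor_vars_removed(SAMPLE_SUDOERS))
```

On a real host, feed it the text of the main sudoers file and of each included file; accounts it lists should be prioritised for the sudo upgrade.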