InfoSecBulletin Cybersecurity for mankind
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.
The vulnerabilities are listed below –
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
CVE-2012-4792 (CVSS score: 9.3) – Microsoft Internet Explorer Use-After-Free Vulnerability
CVE-2024-39891 (CVSS score: 5.3) – Twilio Authy Information Disclosure Vulnerability
CVE-2012-4792 is a decade-old use-after-free vulnerability in Internet Explorer that could allow a remote attacker to execute arbitrary code via a specially crafted site.
It’s currently not clear if the flaw has been subjected to renewed exploitation attempts, although it was abused as part of watering hole attacks targeting the Council on Foreign Relations (CFR) and Capstone Turbine Corporation websites back in December 2012.
CVE-2024-39891 is an information disclosure bug that allows unauthenticated users to access phone number registration information with Authy.
Twilio fixed the issue in versions 25.1.0 (Android) and 26.1.0 (iOS) that allowed unidentified threat actors to access data linked to Authy accounts.
“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said in an advisory.
