Friday , September 13 2024
calender

Explore the Latest Monthly Vulnerabilities Report: May 2024

The very month May-2024 is observed a significant increase in cybersecurity vulnerabilities across various software and operating systems. Many of these vulnerabilities have the potential to be exploited by malicious actors, posing a serious risk to organizations and individuals alike. It is crucial for organizations to stay vigilant and prioritize timely patching and updates to mitigate the risk of exploitation.

The latest vulnerability report shows that there are thousands of software vulnerabilities in many popular products. These vulnerabilities pose a constant threat to our safety. The report provides information on various cyber attack methods, including critical vulnerabilities and long-term compromises on computers. By analyzing the report, we can identify patterns that can help us prevent these attacks.
On Patch Tuesday, Microsoft releases security updates for the previous month. These updates have an impact on the systems and it is important to install them promptly.

CVE-2024-30051: Critical Elevation of Privilege in Windows DWM Core Library

Intel Issues Alert on 20+ Vulnerabilities, Urges Firmware Updates

Intel announced over 20 vulnerabilities in its processors and products in security advisories released on Tuesday. The chip giant has...
Read More
Intel Issues Alert on 20+ Vulnerabilities, Urges Firmware Updates

Urgent: GitLab Patches flaws allowing unapproved pipeline Job Execution

GitLab released security updates on Wednesday to fix 17 vulnerabilities, including a critical issue that lets attackers run pipeline jobs...
Read More
Urgent: GitLab Patches flaws allowing unapproved pipeline Job Execution

Fortinet admits data breach after hacker claims to steal 440GB

Fortinet confirmed a data breach after a threat actor claimed to have stolen 440GB of files from its Microsoft SharePoint...
Read More
Fortinet admits data breach after hacker claims to steal 440GB

Gov.t issues high alert on android devices

Indian Computer Emergency Response Team (CERT-In) issued a high-severity alert for android devices on September 11, 2024 highlighting the vulnerabilities...
Read More
Gov.t issues high alert on android devices

TD Bank fined $28 million for sharing customer data

Because of disclosing incorrect and negative data, The Consumer Financial Protection Bureau (CFPB) on Wednesday fined TD Bank, one of...
Read More
TD Bank fined $28 million for sharing customer data

Global-Cybersecurity-Index
Bangladesh secure role-model position by ITU

Bangladesh secure prestigious role-model position in the latest ITU cyber security index published by ITU. Bangladesh ranks among the top...
Read More
Global-Cybersecurity-Index  Bangladesh secure role-model position by ITU

New RansomHub Attack Kill Kaspersky’s TDSSKiller To Disable EDR

Threatdown Managed Detection and Response (MDR) team has discovered the RansomHub ransomware gang using a new attack method wityh two...
Read More
New RansomHub Attack Kill Kaspersky’s TDSSKiller To Disable EDR

Not Enough, Say Experts
India set to train 5000 ‘Cyber Commandos’

India is to make 5,000 cyber commandos over the next five years to deal with cybercrimes in India, said Home...
Read More
Not Enough, Say Experts  India set to train 5000 ‘Cyber Commandos’

Researcher detect 21 New Ransomwares in August

In August, Cybersecurity researchers identified 21 new ransomware variants that threaten indivisual and business. Cybercriminals are improving their tactics, making...
Read More
Researcher detect 21 New Ransomwares in August

Microsoft patch September 2024 fixes 4 zero-days, 79 flaws

Microsoft patched September 2024 Tuesday addressing 79 vulnerabilities, including four actively exploited zero-days which covers critical flaws in Windows Installer,...
Read More
Microsoft patch September 2024 fixes 4 zero-days, 79 flaws

Description: CVE-2024-30051 is a serious security flaw in Microsoft Windows’ Desktop Window Manager (DWM) Core Library. It allows attackers to gain elevated privileges on affected systems. This vulnerability is actively being exploited and can have a significant impact.

Impact: A hacker can use this flaw to gain SYSTEM-level privileges, allowing them to execute any operation on the system, like running code, installing software, accessing, modifying, or deleting data, or creating a new account with full user rights.

Mitigation: Windows systems should be patched or updated immediately. Organizations should swiftly deploy Microsoft’s security updates to protect against this high-risk vulnerability.

CVE-2024-30043: Information Disclosure in Microsoft SharePoint Server

Description: Vulnerability in Microsoft SharePoint Server (CVE-2024-30043) could let an authorized attacker reveal sensitive information. Reported by Zero Day Initiative (ZDI).

Impact: This vulnerability enables Server-Side Request Forgery (SSRF) and NTLM relaying attacks. SSRF lets attackers make the application they control communicate with a different, potentially sensitive destination, while NTLM relaying lets the attacker authenticate themselves to other network services.

Mitigation: Users should update their Microsoft SharePoint Server installations, administrators should enforce strong authentication, and managers should monitor network activity for signs of abuse.

CVE-2024-30033: Elevation of Privilege in Windows Search Service

Description: CVE-2024-30033 is a security vulnerability in Windows Search Service that allows an attacker to elevate privileges and manipulate file deletions.

Implication: An attacker can exploit the target’s SELinux context to cause a deletion vulnerability. By constantly creating and removing arbitrary files, an attacker can trick the system into deleting important data or files required for system operations. This vulnerability can potentially cause the system to malfunction.

Mitigation: Updates for security can be applied by users and administrators to detect and prevent unauthorized file manipulations through strict access controls and regular system audits.

CVE-2024-30050: Security Feature Bypass in Windows Mark of the Web

Description: “CVE-2024-30050 is a vulnerability allowing ransomware gangs to bypass Windows Mark of the Web security feature.”

Implication: A skilled attacker can use a malware file to bypass traditional security defenses. This vulnerability can bypass security warnings and permissions, allowing the malicious file to be executed effectively.

Mitigation: It remains vitally important to follow proper security measures and educate users about the risks of downloading files from unknown sources.

Businesses today face various digital weaknesses such as privilege escalations, information leaks, and feature bypasses. Swiftly repairing these flaws upon discovery is essential to prevent attackers from taking advantage of them. Organizations that actively monitor these vulnerabilities are better positioned to stay secure than those that ignore or neglect this knowledge.

Identifying Potential Cybersecurity Threats in May 2024:

The CVE system is essential for tracking security vulnerabilities. The May 2024 CVE updates help us understand what needs to be addressed this year and how to protect our systems from security issues.

Mitigation Strategies for May 2024 Vulnerabilities:

CVE-2024-30051: Apply the Microsoft security updates right away.
Monitoring: Continuously monitor systems for signs of exploitation and unusual activities.
Access Controls: Limit administrative privileges to essential system functionality.

CVE-2024-30043: Information Disclosure in Microsoft SharePoint Server
Patching: Deploy the latest security patches from Microsoft.
Authentication: Strengthen authentication mechanisms, including multi-factor authentication (MFA).
Network Monitoring: Monitor for abnormal network traffic patterns indicative of SSRF or NTLM relay attacks.

CVE-2024-30033: Implement the necessary updates.
Access Controls: Prevent unauthorized file deletions.
Auditing: Regularly monitor logs for any suspicious file deletions.

CVE-2024-30050: Patching: Update all systems.
User Education: Inform users about the dangers of downloading and running files from untrusted sources.
Security Software: Use strong security software to prevent MOTW bypassing.

Threatmon said, such incidents remind us that it is always a good time to practice good forward security in our fast-changing cybersecurity world.

Check Also

Microsoft

Microsoft patch September 2024 fixes 4 zero-days, 79 flaws

Microsoft patched September 2024 Tuesday addressing 79 vulnerabilities, including four actively exploited zero-days which covers …

Leave a Reply

Your email address will not be published. Required fields are marked *