Security researchers at Tenable have exposed a dangerous chain of vulnerabilities within Arcserve Unified Data Protection (UDP), a widely used backup and disaster recovery solution. These flaws could allow attackers to bypass authentication mechanisms, upload malicious files, and even crash critical backup systems.
Today is Microsoft’s March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws.
This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution and denial of service flaws.
The number of bugs in each vulnerability category is listed below:
24 Elevation of Privilege Vulnerabilities
3 Security Feature Bypass Vulnerabilities
18 Remote Code Execution Vulnerabilities
6 Information Disclosure Vulnerabilities
6 Denial of Service Vulnerabilities
2 Spoofing Vulnerabilities
The total count of 60 flaws does not include 4 Microsoft Edge flaws fixed on March 7th.
Furthermore, Microsoft did not disclose any zero-days as part of today’s Patch Tuesday updates.
The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile.
MobSF can be used for mobile app security assessment, penetration testing, malware analysis, and privacy evaluation. The Static Analyzer is adept at handling popular mobile app binaries such as APK, IPA, APPX, and source code. The Dynamic Analyzer is compatible with Android and iOS applications, providing a platform for instrumented testing that includes real-time data and network traffic analysis.
MobSF integrates into DevSecOps or CI/CD pipelines through its REST APIs and CLI tools, enhancing your security workflow.
Hackers target these platforms due to their hosting of valuable resources and data.
For financial gain or other malicious motives, hackers intrude on these platforms to steal data, deploy malicious software, or launch other cyber attacks.
Cybersecurity analysts at FortiGuard Labs uncovered that hackers actively abuse Amazon and GitHub to deploy Java-based malware.
Researchers from Salt Security discovered three types of vulnerabilities in ChatGPT plugins that could have led to data exposure and account takeovers.
ChatGPT plugins are additional tools or extensions that can be integrated with ChatGPT to extend its functionalities or enhance specific aspects of the user experience. These plugins may include new natural language processing features, search capabilities, integrations with other services or platforms, text analysis tools, and more. Essentially, plugins allow users to customize and tailor the ChatGPT experience to their specific needs.
Plugins can allow users to interact with third-party services such as GitHub, Google Drive, and Salesforce.
By using plugins, users authorize ChatGPT to transmit sensitive data to third-party services. In some cases, this involves granting access to their private accounts on platforms they need to interact with.
WinSOS represents a sophisticated technique that turns the Windows operating system’s own features against it.
By manipulating executables in the WinSxS folder, a component trusted by Windows, attackers can discreetly execute malicious code.
This method, building on DLL Search Order Hijacking, does not require elevated privileges, making it a stealthy approach for infiltrating Windows 10 and 11 systems.
It stands out for its ability to bypass traditional defense mechanisms, leveraging the inherent trust in system binaries to conceal malicious activities.
This technique utilizes executables within the WinSxS folder, commonly trusted by Windows, to exploit the classic DLL Search Order Hijacking method.