
"From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing - no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome's settings to sneak in malicious extensions. On the defense side, AI is stepping up to block ransomware in real time, but privacy fights over data access and surveillance are heating up just as fast."
"The vulnerability, disclosed last year, is a command injection vulnerability that could be exploited by an unauthenticated attacker to execute arbitrary code with root privileges on susceptible firewalls. SANS ISC said it has detected specially crafted requests that seek to upload a TXT file and subsequently attempt to retrieve that file via an HTTP GET request. "This will return a '403' error if the file exists, and a '404' error if the upload failed. It will not execute code," it noted. "The content of the file is a standard Global Protect session file, and will not execute.""
Attackers are conducting widespread scans and active exploit attempts across firewalls, SQL servers, cloud services, browsers, and connected vehicles. A surge of scans targets CVE-2024-3400 in PAN-OS GlobalProtect, a command-injection flaw that lets an unauthenticated attacker execute code as root via staged file uploads. SANS ISC reports specially crafted requests that upload a TXT file and then probe for it with an HTTP GET; the retrieval response is treated as an indicator of staging for follow-up code execution. Exploit attempts against older device flaws, such as Hikvision CVE-2017-7921, continue. Defenders are deploying AI to detect and block ransomware in real time, while debates over data access, surveillance, and privacy complicate incident response and threat intelligence sharing.
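The upload-then-retrieve pattern SANS ISC describes can be hunted for in web access logs. The sketch below is an added example, not code from the article or from SANS ISC: it pairs a POST with a later GET for a `.txt` file from the same client and reads the 403/404 answer the way the quote explains it. The log format (combined), the 60-second window, the `/PLACEHOLDER/` paths and the sample lines are all assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log lines (combined log format). IPs come from
# documentation ranges; the paths are placeholders, not real request paths.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Oct/2025:10:00:01 +0000] "POST /PLACEHOLDER/upload HTTP/1.1" 200 11
203.0.113.7 - - [02/Oct/2025:10:00:03 +0000] "GET /PLACEHOLDER/a1b2.txt HTTP/1.1" 403 0
198.51.100.9 - - [02/Oct/2025:10:05:00 +0000] "POST /PLACEHOLDER/upload HTTP/1.1" 200 11
198.51.100.9 - - [02/Oct/2025:10:05:02 +0000] "GET /PLACEHOLDER/zz9.txt HTTP/1.1" 404 0
192.0.2.44 - - [02/Oct/2025:10:06:00 +0000] "GET /PLACEHOLDER/readme.txt HTTP/1.1" 404 0
203.0.113.7 - - [02/Oct/2025:11:30:00 +0000] "GET /PLACEHOLDER/other.txt HTTP/1.1" 403 0
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def find_upload_probes(log_text, window=timedelta(seconds=60)):
    """Return (client, path, verdict) for each GET of a .txt file that follows
    a POST from the same client within `window` and is answered 403 or 404."""
    last_post = {}  # client IP -> time of its most recent POST
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not in the expected format
        client, ts, method, path, status = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        if method == "POST":
            last_post[client] = when
        elif method == "GET" and path.split("?")[0].lower().endswith(".txt"):
            posted = last_post.get(client)
            if posted is None or when - posted > window:
                continue  # no recent upload attempt from this client
            if status == "403":
                # Per the quoted SANS ISC note, 403 means the file exists.
                findings.append((client, path, "file exists: upload succeeded"))
            elif status == "404":
                findings.append((client, path, "file missing: upload failed"))
    return findings

if __name__ == "__main__":
    for client, path, verdict in find_upload_probes(SAMPLE_LOG):
        print(f"{client} {path} -> {verdict}")
```

Here a 403 is the result that needs follow-up: it signals that the uploaded file was written, not that the request was blocked.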
Read at The Hacker News