Tag
By Waqas Discover the future of phishing email training, including personalized simulations, gamification, AI, and realistic scenarios. Empower your employees to combat evolving cyber threats and protect your organization. This is a post from HackRead.com Read the original post: The Future of Phishing Email Training for Employees in Cybersecurity
The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev as the gang's leader "LockbitSupp," and charged him with using Lockbit to attack more than 2,000 victims and extort at least $100 million in ransomware payments.
### Summary If PDF.js is used to load a malicious PDF, and PDF.js is configured with `isEvalSupported` set to `true` (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. ### Patches [This patch](https://github.com/wojtekmaj/react-pdf/commit/671e6eaa2e373e404040c13cc6b668fe39839cad) forces `isEvalSupported` to `false`, removing the attack vector. ### Workarounds Set `options.isEvalSupported` to `false`, where `options` is `Document` component prop. ### References - [GHSA-wgrm-67xf-hhpq](https://github.com/mozilla/pdf.js/security/advisories/GHSA-wgrm-67xf-hhpq) - https://github.com/mozilla/pdf.js/pull/18015 - https://github.com/mozilla/pdf.js/commit/85e64b5c16c9aaef738f421733c12911a441cec6 - https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
### Impact If pdf.js is used to load a malicious PDF, and PDF.js is configured with `isEvalSupported` set to `true` (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. ### Patches The patch removes the use of `eval`: https://github.com/mozilla/pdf.js/pull/18015 ### Workarounds Set the option `isEvalSupported` to `false`. ### References https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
Gentoo Linux Security Advisory 202405-7 - Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.9.16 are affected.
Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files.
There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys. The new attack may also result in the extraction of a plaintext content key value.
Verizon, AT&T, and T-Mobile USA are being fined for sharing location data. They plan to appeal the decision, which is the culmination of a four-year investigation into how carriers sold customer data to third parties.
A state-sponsored hacking team employed a clever masquerade and elaborate back-end infrastructure as part of a five-year info-stealing campaign that compromised the US State and Treasury Departments, and hundreds of thousands of accounts overall.
### Impact We have identified a local privilege escalation vulnerability in Ant Media Server which allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media Server running with Java Management Extensions (JMX) enabled and authentication disabled on localhost on port 5599/TCP. This vulnerability is nearly identical to the local privilege escalation vulnerability CVE-2023-26269 identified in Apache James. Any unprivileged operating system user can connect to the JMX service running on port 5599/TCP on localhost and leverage the MLet Bean within JMX to load a remote MBean from an attacker-controlled server. This allows an attacker to execute arbitrary code within the Java process run by Ant Media Server and execute code within the context of the “antmedia” service account on the system. ### Patches 2.9.0 ### Workarounds Remote the following parameters from antmedia.service file ```-Dcom....