Cybersecurity

ASUS has released security updates to address CVE-2024-54085, a maximum severity flaw that could allow attackers to hijack and potentially brick servers.

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the wallet

10 other certificates 'were mis-issued and have now been revoked'

It's now hitting govt, enterprise targets

Certain companies recruit app developers to create botnets by injecting “network sharing” SDKs into their apps. These botnets then use the network bandwidth of unsuspecting users of said apps to crawl the web, brute-force mail servers and other nasty things.

Late at night, I was testing a proof-of-concept (PoC) exploit for CVE-2020-35489 (https://github/[.]com/gh202503/poc-cve-2020-35489) that I found on GitHub. The repository looked legitimate, and in my exhaustion, I skipped the usual precautions. I cloned the repository and ran the script without inspecting its contents.

A few hours later, my system started behaving strangely. CPU usage was abnormally high, and after further investigation, I found that a hidden malware had infected my machine. Worse, my credentials, SSH keys, and other sensitive data had been stolen and uploaded to an attacker-controlled repository.

the EUVD comes with a holistic approach and aims for ensuring a high level of interconnection of information sources. It does so by leveraging the open-source software Vulnerability-Lookup which enables a quick correlation of vulnerabilities from multiple known sources. ... Utilising the Common Security Advisory Framework (CSAF), a standardised format for vulnerability advisories, the EUVD supports automation in the processing, consumption, and distribution of security advisories.

The EUVD collects and references vulnerability information collected from existing databases (such as MITRE’s CVE DB, GitHub's Advisory Database, JVN iPedia, GSD-Database), adds additional information via references to advisories and alerts issued by national CSIRTs, mitigation and patching guidelines published by vendors, and enriches it with exploited vulnerability markings (such as CISA KEV) and FIRST’s Exploit Prediction scores (EPSS).

(Note: ENISA has been tasked with establishing the EUVD as outlined in Article 12 of the NIS-2 Directive.)

• Invidious
• Youtube

"Our recommendation is to do what your antivirus software says especially in regards to this one (WinRing0) because again it's not a false positive; it's a true positive. This is a real potential vulnerability and if Windows quarantines WinRing0 we'd say let it happen.

If anyone tells you to ignore those warnings then treat those people or those groups with extreme skepticism. Again there are real vulnerabilities that have been used which can exploit your machine."

• Steve Burke from Gamers Nexus

The Global CVE (GCVE) allocation system is a new, decentralized approach to vulnerability identification and numbering, designed to improve flexibility, scalability, and autonomy for participating entities.

While remaining compatible with the traditional CVE system, GCVE introduces GCVE Numbering Authorities (GNAs). GNAs are independent entities that can allocate identifiers without relying on a centralised block distribution system or rigid policy enforcement.

cross-posted from: https://midwest.social/post/26331167

This is an utter failure of oversight in governance. And likely a misappropriation of government funds.

What a colossally shortsighted decision.