Windows printer driver for HP/Samsung/Xerox vulnerable to local privilege escalation – millions of printers affected
labs.sentinelone.com/cve-2021-3438-16-years-in-hiding-millions-of-printers-worldwide-vulnerable/ SentinelLabs has discovered a high severity Windows local privilege escalation flaw in HP, Samsung, and Xerox printer drivers. Since 2005, HP, Samsung, and Xerox have released millions of printers worldwide with the vulnerable driver.
New Windows 10 vulnerability allows anyone to get admin privileges
www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/ Yesterday, security researcher Jonas Lykkegaard told BleepingComputer he discovered that the Windows 10 and Windows 11 Registry files associated with the Security Account Manager (SAM), and all other Registry databases, are accessible to the ‘Users’ group that has low privileges on a device. Will Dormann, a vulnerability analyst for CERT/CC, and SANS author Jeff McJunkin, said Microsoft introduced the permission changes in Windows 10 1809.
New Linux kernel bug lets you get root on most modern distros
www.bleepingcomputer.com/news/security/new-linux-kernel-bug-lets-you-get-root-on-most-modern-distros/ As discovered by Qualys researchers, the LPE security flaw tracked as CVE-2021-33909 (dubbed Sequoia) is present in the filesystem layer used to manage user data, a feature universally used by all major (Linux) operating systems. According to Qualys’ research, the vulnerability impacts all Linux kernel versions released since 2014. Qualys:
Fortinet fixes bug letting unauthenticated hackers run code as root
www.bleepingcomputer.com/news/security/fortinet-fixes-bug-letting-unauthenticated-hackers-run-code-as-root/ Both FortiManager and FortiAnalyzer are enterprise-grade network management solutions for environments with up to 100,000 devices. They are available as a physical appliance, as a virtual machine, in the cloud, or hosted by Fortinet. The company highlights that [the vulnerable feature] is disabled by default on FortiAnalyzer and can be turned on only on some hardware models.
China accuses US of launching cyberattacks, denies Microsoft Exchange hack
UK: Hundreds of Northern rail company touchscreen ticket machines are offline after a ransomware attack
www.zdnet.com/article/hundreds-of-touchscreen-ticket-machines-are-offline-after-a-ransomware-attack/ Over 600 touchscreen ticket machines have been disrupted by a ransomware attack just two months after they were installed at stations across the north of England.
Law Firm to the Fortune 500 Breached with Ransomware
threatpost.com/law-firm-fortune-500-breach-ransomware/167951/ Campbell Conroy & O’Neil, P.C. is a U.S. law firm to an array of huge companies, including the likes of Apple, Boeing, British Airways, Chrysler, Exxon Mobil, Fisher-Price, Ford, Honda, IBM, Jaguar, Monsanto, Toyota and US Airways. On Friday, the firm said in a press release that it got hit by what turned out to be a ransomware attack in February.
Significant Historical Cyber-Intrusion Campaigns Targeting ICS
us-cert.cisa.gov/ncas/current-activity/2021/07/20/significant-historical-cyber-intrusion-campaigns-targeting-ics To raise awareness of the risks to, and improve the cyber protection of, critical infrastructure, CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory as well as updates to five alerts and advisories. These alerts and advisories contain information on historical cyber-intrusion campaigns that have targeted ICS.