SecurityWeek reports that the Cybersecurity and Infrastructure Security Agency has warned about the active exploitation of the PwnKit Linux security flaw, tracked as CVE-2021-4034.
Threat actors could abuse the vulnerability, which impacts the Polkit component developed by Red Hat for system-wide privilege control in Unix-like operating systems, to achieve privilege escalation. Several major firms, including VMware, IBM, Siemens, Juniper Networks, and Moxa, have products impacted by the security bug, which CISA has already added to its Known Exploited Vulnerabilities Catalog. Other security vulnerabilities added to CISA's Must Patch list are an exploited Mitel VoIP zero-day and iOS flaws abused by Italian spyware firm RCS Lab, as well as a bug in Chromium leveraged in malvertising campaigns.
CISA has ordered federal agencies to remediate all the newly listed vulnerabilities by July 18, while private firms have been urged to leverage the flaw catalog to improve their patching and vulnerability management processes.
Hamas spokesperson Hudhayfa Samir Abdallah al-Kahlut, also known as "Abu Ubaida," has been sanctioned by the U.S. Treasury Department for his leadership of the group's cyber influence operations, reports The Record, a news site by cybersecurity firm Recorded Future.
TechCrunch reports that U.S. conservative think tank The Heritage Foundation was working on addressing a cyberattack against its systems last week, but an investigation into whether any of its data was compromised is still underway.
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, has leveraged the novel DarkBeatC2 command-and-control infrastructure tool as part of its latest attack campaign, The Hacker News reports.