The Cybersecurity and Infrastructure Security Agency has added two Cisco flaws and four Gigabyte bugs to its Known Exploited Vulnerabilities catalog, even though only a single Gigabyte flaw has been noted as abused in attacks, reports SecurityWeek.
Authenticated threat actors could exploit the Cisco AnyConnect Secure Mobility Client for Windows flaws, tracked as CVE-2020-3433 and CVE-2020-3153, to facilitate arbitrary code execution and arbitrary file copying with privilege escalation.
Technical information and proof-of-concept code have already been published for both flaws, with Cisco emphasizing that no malicious exploitation of the flaws has been observed.
Meanwhile, vulnerabilities impacting the Gigabyte App Center, Aorus graphics engine, OC Guru utility, and Xtreme gaming engine, tracked as CVE-2018-19323, CVE-2018-19322, CVE-2018-19321, and CVE-2018-19320, could be leveraged for privilege escalation and potential system takeovers.
Only CVE-2018-19320 has been abused in attacks, by the RobbinHood ransomware, but all the other flaws have publicly available PoC exploits and technical details.