Akamai researchers have developed a proof-of-concept exploit for an already addressed Windows CryptoAPI vulnerability, tracked as CVE-2022-34689, which could be leveraged to impersonate legitimate entities, according to The Record, a news site by cybersecurity firm Recorded Future.
Windows uses CryptoAPI to handle certificates and other cryptography-related operations, and exploiting the flaw could allow attackers to bypass critical security protections, the Akamai report said.
"In order to exploit this vulnerability two things need to be true: The machine needs to be missing the Windows patch that was released in August 2022 and the application must use CryptoAPI for certificate verification, and enable a CryptoAPI feature called end certificate caching. This was intended as a performance-boosting feature, but a bug in its implementation causes it to be vulnerable," said Akamai researcher Yoni Rozenshein.
Threat actors could also use the flaw to target Google Chrome versions 48 and earlier, as well as older Chromium-based applications, according to researchers, who also found that more than 99% of visible data center devices were vulnerable to attacks.
Hamas spokesperson Hudhayfa Samir Abdallah al-Kahlut, also known as "Abu Ubaida," has been sanctioned by the U.S. Treasury Department for his leadership of the group's cyber influence operations, reports The Record, a news site by cybersecurity firm Recorded Future.
TechCrunch reports that U.S. conservative think tank The Heritage Foundation was working on addressing a cyberattack against its systems last week, but investigation into whether any of its data was compromised is still underway.
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, has leveraged the novel DarkBeatC2 command-and-control infrastructure tool as part of its latest attack campaign, The Hacker News reports.