

Source: NIST
 HIGH   CVE-2024-11218
Published: 2025-01-22  Updated: 2025-01-22

A vulnerability was found in `podman build` and `buildah`. The issue is a container breakout that uses `--jobs=2` and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

 CRITICAL   CVE-2024-13091
Published: 2025-01-22  Updated: 2025-01-22

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcld_wpcfb_file_upload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server, which may make remote code execution possible. Note: The exploit requires the ChatBot Conversational Forms plugin and the Conversational Form Builder Pro addon plugin.


News
The Hacker News
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked MikroTik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "take[s] advantage of misconfigured [...] (The Hacker News)


Security Affairs
CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests
CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber scams involving threat actors impersonating the agency [...] (Security Affairs)


BleepingComputer
Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack
The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. [...] (BleepingComputer)


BleepingComputer
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and installing malware that provides access to the company network. [...] (BleepingComputer)


Unsourced
GDPR Fines Total EUR1.2bn in 2024
Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching EUR1.2bn (Unsourced)


Unsourced
Most European Privacy Teams Are Understaffed and Underfunded
ISACA research claims privacy budgets are set to decline further in 2025 (Unsourced)


Unsourced
UK's New Digital IDs Raise Security and Privacy Fears
Security experts have outlined security and privacy concerns around the UK government's GOV.UK Wallet, which will allow citizens to store all their ID documents in a single place (Unsourced)


BleepingComputer
7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now
A high-severity vulnerability in the 7-Zip file archiver allows attackers to bypass the Mark of the Web (MotW) Windows security feature and execute code on users' computers when extracting malicious files from nested archives. [...] (BleepingComputer)


Security Affairs
Experts found multiple flaws in Mercedes-Benz infotainment system
Kaspersky researchers shared details about multiple vulnerabilities impacting the Mercedes-Benz MBUX infotainment system. Kaspersky published research findings on the first-generation Mercedes-Benz User Experience (MBUX) infotainment system, [...] (Security Affairs)


Graham Cluley
Medusa ransomware: what you need to know
Medusa is a ransomware-as-a-service (RaaS) platform that has targeted organisations around the world. Read more about it in my article on the Tripwire State of Security blog. (Graham Cluley)



Source: Ransom Watch
Ransomware attacks
    Christian Community Aid,   SANTA MARIA LABORATORIO

    boardman-hamilton.com,   miedemaproduce.com,   precisionmechsd.com,   supremegroup.co.in,   whychoosebw.com

    Gossett Motor Cars,   Mintz Law Firm, LLC

    RETAL Baltic Films

    Solaris-pharma.com leakage

    malindoair.com




Security Rabbits | Copyright © 2025 Flo BI. All rights reserved.