ThaiCERT

449/67 Thursday, December 19, 2024 The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities, Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference (CVE-2024-35250) and Adobe ColdFusion Improper Access Control (CVE-2024-20767), to its Known Exploited Vulnerabilities (KEV) catalog. Details of the vulnerabilities are as follows: To mitigate these vulnerabilities, agencies under the Federal Civilian Executive […]

448/67 Thursday, December 19, 2024 Over the past year, a new form of scam called “Task Scams” or “Gamified Job Scams” has alarmingly increased by 400%, putting job seekers at risk of wasting time and losing money. Task Scams or Gamified Job Scams involve online fraudsters targeting individuals looking for remote jobs. They offer seemingly […]

447/67 Wednesday, December 18, 2024 ConnectOnCall, a telemedicine and after-hours emergency call service platform, has disclosed a data breach affecting the personal and medical information of over 900,000 users. The company discovered the security breach on May 12, 2024, and immediately began an investigation. It was found that an external party had gained access to […]

446/67 Wednesday, December 18, 2024 Cybersecurity researchers from QiAnXin, a company in China, have revealed an advanced PHP backdoor called Glutton, a new tool associated with the Winnti group, which is linked to China. This backdoor targets multiple countries, including China, the United States, Cambodia, Pakistan, and South Africa. Glutton is designed in a modular […]

445/67 Tuesday, December 17, 2024 Germany’s Federal Office for Information Security (BSI) announced its success in halting the BADBOX malware operation, which was found to have infected over 30,000 internet-connected devices sold within the country. The agency disrupted communication between the infected devices and their command-and-control (C2) servers using a sinkholing technique. Affected devices include […]

444/67 Tuesday, December 17, 2024 Thai government officials have become targets of a new cyberattack employing a technique known as DLL Side-Loading to deploy a backdoor malware called “Yokai.” This malware is designed to take control of systems and execute commands from attackers via a command-and-control (C2) server. The campaign begins with a RAR file […]

443/67 Monday, December 16, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerability CVE-2024-50623 (CVSS score 8.8), which affects Cleo Harmony, VLTrader, and LexiCom products, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability involves unrestricted file upload and download, which could lead to remote code execution (RCE). Users are advised to […]

442/67 Monday, December 16, 2024 OpenWrt, a popular open-source operating system for routers and network devices, has been revealed to contain a critical security vulnerability in its Attended Sysupgrade (ASU) feature. This vulnerability, identified as CVE-2024-54143, has received a CVSS severity score of 9.3 out of 10, indicating a high level of risk. The vulnerability […]

441/67 Thursday, December 12, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in the Microsoft Windows Common Log File System (CLFS), identified as CVE-2024-49138, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, with a CVSS score of 7.8, was addressed in Microsoft’s December 2024 Patch Tuesday security update, which […]

440/67 Thursday, December 12, 2024 Adobe, a leading software developer, has released its December 2024 Patch Tuesday security update, addressing over 160 vulnerabilities across 16 popular products such as Reader, Illustrator, Photoshop, and Connect. Key details of the fixes include: While Adobe confirmed that no active exploits of these vulnerabilities have been detected, the company […]