Latest Stories

Stay up-to-date with everything at Approach

Blog article

Weekly Digest Week 32 – 2024

Publication date

09.08.2024

Featured Story

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google has addressed a high-severity security flaw impacting the Android kernel that it said has been actively exploited in the wild.

The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel.

« There are indications that CVE-2024-36971 may be under limited, targeted exploitation, » the tech giant noted in its monthly Android security bulletin for August 2024.

SOC Analysis:
It is of the utmost importance to apply the latest Android patch as this critical vulnerability is known to have been actively exploited in the wild. Smartphones are ideal targets for hackers due to their constant connectivity and vast amounts of personal and professional data. Using a reliable antivirus is strongly recommended.

Other Stories

WARNING: KIBANA VULNERABILITY LET ATTACKERS EXECUTE ARBITRARY CODE, PATCH IMMEDIATELY!

This vulnerability in Kibana 8 prior to version 8.14.2 and Kibana 7 prior to version 7.17.23 allows attackers with access to the ML and Alerting features and write access to internal ML indices to trigger a prototype vulnerability. This can lead to arbitrary code execution.

SOC Analysis:
Update Kibana to the latest stable version immediately. Monitoring infrastructure is critical and must be kept secure. Remember to back up your systems before patching and test after updates.

Vulnerability Allowed Eavesdropping via Sonos Smart Speakers

NCC Group researchers disclosed vulnerabilities in Sonos smart speakers, including CVE-2023-50809, which could be exploited over Wi-Fi for remote code execution. Affected devices could be used for unauthorized eavesdropping.

SOC Analysis:
This vulnerability highlights the need to update overlooked smart devices. Ensure firmware is current and avoid placing these devices in sensitive environments like meeting rooms or executive offices.

Warning: attempted smishing in the name of Partenamut

Cybercriminals are using a fake Facebook account in the name of Partenamut to conduct smishing attacks. Victims are contacted and asked to make a payment under the promise of a refund.

SOC Analysis:
Threat actors often disguise themselves using legitimate brands to appear trustworthy. Be cautious of unexpected financial requests via messaging apps or social media. When in doubt, report suspicious messages to Safeonweb.

Want to enhance your organization’s cyber awareness or compliance strategy?
Contact the Approach Cyber SOC team for tailored support and training programs.

OTHER STORIES

Contact us to learn more about our services and solutions

Our team will help you start your journey towards cyber serenity

Do you prefer to send us an email?