risk3sixty

Cybersecurity Executive Brief: Linux CUPS Vulnerabilities Create Chaos, Security Researchers Find Way into Millions of Cars    Linux CUPS Vulnerabilities A new set of security vulnerabilities has been uncovered in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems, potentially enabling remote command execution. The vulnerabilities, disclosed by security researcher Simone Margaritelli, allow an unauthenticated attacker to replace or install malicious printer IPP URLs, triggering arbitrary code execution when a print job is initiated. The flaws, which impact several Linux distributions including ArchLinux, Debian, and Red Hat Enterprise Linux, pose risks if UDP port 631 is exposed. While the vulnerabilities are serious in technical terms, experts, including Benjamin Harris of WatchTowr and Satnam Narang of Tenable, caution that they are unlikely to reach the severity of past threats like Log4Shell or Heartbleed. Patches are forthcoming, and administrators are advised to disable the affected service and restrict network traffic to mitigate the risk.    More reading:    https://lnkd.in/gp6N-fBD  https://lnkd.in/gwj2dyia  https://lnkd.in/g7Rvg6CC    Misconfigurations Lead to Remote Access of Millions of Kia Cars  Security researcher Sam Curry has disclosed a set of vulnerabilities in Kia's website for vehicle owners that could have allowed attackers to remotely control millions of cars in under 30 seconds, using only the car’s license plate. These flaws not only enabled remote command execution, such as unlocking doors or starting the vehicle, but also allowed attackers to access sensitive personal information, including names, addresses, and phone numbers. By exploiting the Kia dealer website and its backend API, Curry and his team could create new users on vehicles without the owners’ knowledge, granting full control over key functions. Reported in June 2024, Kia acknowledged the vulnerabilities and implemented a fix by mid-August. The exploit affected nearly all Kia vehicles manufactured since 2013, with no alerts provided to owners that their vehicle had been compromised during an attack.    More reading:  https://lnkd.in/gevvVkFR  https://lnkd.in/g-mtXASU   

Cybersecurity Executive Brief: Ford Wants to Listen to You, FBI Takes Down Chinese Botnet, and How Threat Actors Disguise Their Activities Ford Data Gathering Ford has sparked controversy with its recent patent application that proposes an in-vehicle advertisement system capable of eavesdropping on passenger conversations. The patent details technology that can monitor trip data, such as vehicle speed and location, alongside user dialogues, parsing conversations for keywords to target relevant ads. This move raises concerns about privacy, with critics pointing out the lack of information on how Ford intends to secure the data it gathers. The company is no stranger to contentious patents, as it also filed one earlier this year for vehicle repossession technology. While Ford claims these filings are exploratory, the potential for intrusive data collection has prompted calls for stronger privacy protections, especially as US lawmakers scrutinize car manufacturers' data practices. More Reading: https://lnkd.in/eF7B2azz FBI Takes Down Large Botnet U.S. law enforcement, led by the FBI, has disrupted a major Chinese hacking group known as "Flax Typhoon," seizing control of thousands of compromised devices, according to FBI Director Christopher Wray. The group, allegedly run by a company called the Integrity Technology Group, posed as an IT firm but was conducting intelligence operations for Chinese government security agencies. Flax Typhoon is accused of compromising over 250,000 devices globally, including critical infrastructure, corporations, and media outlets. This cyber campaign is part of a larger pattern, similar to the previously identified "Volt Typhoon" group, which has also targeted U.S. infrastructure. Despite China's denial of the accusations, U.S. and allied officials remain focused on dismantling these botnets, marking another round in an ongoing cyber battle with China. More Reading: https://lnkd.in/eJ5HqGWS