Alert: CISA Warns of Active Cyberattacks Targeting Adobe and Windows Security Holes


CISA Adds Critical Vulnerabilities to KEV Catalog Amid Active Exploits

Two significant security vulnerabilities have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog following confirmed exploitation in the wild. The vulnerabilities include:

1. Adobe ColdFusion (CVE-2024-20767)
– Severity: 7.4 CVSS
– Impact: Unauthorized access to restricted files via admin panel
– Patch Status: Fixed in March 2024

2. Microsoft Windows Kernel-Mode Driver (CVE-2024-35250)
– Severity: 7.8 CVSS
– Affects: Microsoft Kernel Streaming Service
– Patch Status: Fixed in June 2024

FBI Alerts on HiatusRAT IoT Threats

The FBI has reported HiatusRAT campaigns targeting IoT devices, particularly:
– Affected Devices: Hikvision, D-Link, and Dahua cameras and DVRs
– Target Regions: US, Australia, Canada, New Zealand, UK
– Attack Methods: Vulnerability exploitation and password cracking
– Tools Used: Ingram and Medusa

Major DrayTek Router Campaign Uncovered

A significant ransomware operation targeting DrayTek Vigor routers has been identified:
– Scale: Over 20,000 devices affected
– Timeline: August-September 2023
– Threat Actors:
    – Monstrous Mantis (Ragnar Locker)
    – Ruthless Mantis (PTI-288)
    – LARVA-15 (Wazawaka)
– Impact: Credential theft and ransomware deployment
– Ransomware Variants: RagnarLocker, Nokoyawa, RansomHouse, and Qilin

Federal agencies must implement patches by January 6, 2025, to protect their networks against these threats.
