The FBI and CISA have issued a critical alert about the rapid increase in Play ransomware attacks, which have affected over 900 organizations worldwide, including critical infrastructure. The ransomware, linked to North Korean state-sponsored groups and distributed via threat groups like Balloonfly, exploits vulnerabilities in Windows and other systems. Organizations are urged to implement urgent security measures such as patching vulnerabilities, using multi-factor authentication, securing passwords, and network segmentation to defend against these evolving threats.
VMware's hypervisors have been found to have four significant flaws, with the most severe ones allowing a malicious actor with local administrative privileges on a virtual machine to execute code outside the guest. VMware has urged an emergency change to address these vulnerabilities, which affect its Workstation, Fusion, and ESXi hypervisors. The flaws were discovered by researchers at the Tianfu Cup Pwn Contest, and VMware has provided workarounds while acknowledging potential challenges in implementing them at scale.
VMware has issued a security advisory addressing vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation that could potentially allow a cyber threat actor to take control of affected systems. CISA advises users and administrators to review the advisory (VMSA-2024-0006) and apply the required updates.
Juniper Networks has disclosed and apologized for previously concealed vulnerabilities, following accusations of bending the rules in assigning CVEs. The company has separately disclosed four vulnerabilities reported by a researcher, each with its own distinct CVE, affecting J-Web in Junos OS SRX Series and EX Series. The US Cybersecurity and Infrastructure Security Agency has issued an alert urging users to review Juniper's bulletin and apply necessary updates. Juniper's patch schedule and process for assigning CVEs have raised questions, prompting the company to review its approach and apologize to customers for the error in communication.
The US has issued a "do not travel" advisory for Lebanon after the American embassy in Beirut was set on fire by protestors. Family members of US government personnel and non-essential embassy staff were allowed to leave the country. The advisory was issued due to the unpredictable security situation related to rocket exchanges between Israel and armed militant factions. Large demonstrations have erupted in Lebanon following recent violence in Israel and Gaza. Protestors blocked major roads and threw Molotov cocktails at the embassy. Similar protests also took place at the French embassy. The protests were sparked by an explosion at a hospital in Gaza, with conflicting reports on who was responsible.
Arm has issued a security advisory warning of an actively exploited vulnerability in the widely used Mali GPU drivers. The flaw, tracked as CVE-2023-4211, allows improper access to freed memory, potentially compromising sensitive data. Arm has evidence of limited, targeted exploitation and has released a patch for some affected GPU architectures. However, older device models using the Midgard series are unlikely to receive a patch. Arm also disclosed two other vulnerabilities, CVE-2023-33200 and CVE-2023-34970, impacting Bifrost, Valhall, and Arm's 5th Gen GPU architecture. All three vulnerabilities require local access on the device and can be exploited by tricking users into downloading applications from unofficial sources.
The U.S. Embassy in Haiti has issued a travel advisory urging American citizens to leave the country "as soon as possible" due to escalating security and infrastructure challenges. The advisory warns of the dangers of demonstrations and large gatherings and advises travelers to avoid roadblocks. Gang violence has been on the rise since the assassination of President Jovenel Moïse, with gangs now controlling large parts of the country. Haiti's Prime Minister has called for international assistance to stabilize the situation. The United Nations estimates that nearly half of Haiti's population is in need of humanitarian aid. Last month, the U.S. Embassy evacuated non-emergency personnel, and recently, a Haitian gang opened fire on protesters, resulting in several deaths.