OS Command Injection Vulnerability in GlobalProtect
  • Alert & Advisory
  • April 25, 2024

Security researchers identified zero-day exploitation of a vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS. The vulnerability allows a threat actor to remotely exploit the firewall device, create a reverse shell, and download further tools onto the device. The attacker focused on exporting configuration data from the devices and then leveraging it as an entry point to move laterally within the victim organizations. Accordingly, users of Palo Alto products in Nigeria are advised to upgrade their products to the latest versions as recommended.

Multiple Vulnerabilities Discovered In Oracle Products
  • Alert & Advisory
  • April 24, 2024

Multiple critical vulnerabilities have been reported in Oracle products. The identified security flaws could allow attackers to remotely execute code, manipulate data, or gain unauthorized access to systems. Notably, security research revealed that over 200 vulnerabilities can be exploited remotely by unauthenticated attackers. Oracle has released its Critical Patch Update (CPU), which includes 441 security patches, with over 200 addressing remotely exploitable flaws. The released updates also include patches for third-party components in Solaris, Oracle Linux, and Oracle VM Server for x86. Accordingly, users are advised to upgrade their products to the latest versions as recommended.

Vultur Banking Trojan Targeting Android Devices
  • Alert & Advisory
  • April 16, 2024

A new version of the Vultur banking trojan has been discovered. It poses as a security app, an authenticator or a productivity app to steal sensitive data and gain total control over compromised Android devices. The malware has been embedded in over 800 apps on the Google Play Store, and many Android devices have been compromised. This latest version of the malware includes more advanced remote-control capabilities and an improved evasion mechanism, enabling its operators to remotely interact with a mobile device and harvest sensitive data. This type of attack relies on "smishing" (SMS phishing) and phone calls to trick targets into installing a version of the malware. It can also be distributed via trojanized dropper apps known as Brunhilda.

Multiple Vulnerabilities Discovered in Mozilla Products and Google Chrome Browser
  • Alert & Advisory
  • April 8, 2024

Several critical zero-day and high-severity vulnerabilities have been reported in Mozilla products and the Google Chrome browser. Attackers could leverage these vulnerabilities to run arbitrary code, circumvent security measures, or cause crashes on vulnerable systems. Mozilla and Google have issued security updates to address the discovered vulnerabilities. As a result, users are advised to upgrade their products to the latest versions as recommended.

New StrelaStealer Malware Campaign Targeting Organizations' Email Accounts
  • Alert & Advisory
  • April 5, 2024

A new StrelaStealer malware campaign has affected numerous organizations, with the most recent cases occurring in the United States and Europe. Reports indicate widespread propagation, so Nigerian organizations need to remain vigilant. This campaign is specifically designed to target email account credentials. The sectors most heavily targeted by this campaign include finance, legal services, manufacturing, government agencies, utilities, and energy, among others. The potential consequences of these attacks are severe, ranging from data theft to financial losses and other forms of fraudulent activity. Proactive measures are therefore critically needed to prevent such attacks from compromising our critical information infrastructures.
