Found 3 bookmarks
Custom sorting
DigiEver Fix That IoT Thing!
DigiEver Fix That IoT Thing!
  • A vulnerability in DigiEver DS-2105 Pro DVRs is being exploited to spread malware. The Akamai Security Intelligence Research Team (SIRT) noticed this activity in their honeypots on November 18, 2024. The vulnerability was originally discovered by Ta-Lun Yen and a CVE identifier has been requested by the Akamai SIRT. The malware is a Mirai variant that has been modified to use improved encryption algorithms. We have included a list of indicators of compromise (IoCs) in this blog post to assist in defense against this threat.
#akamai#EN#2024#mirai#DigiEver#DS-2105#Pro#DVR#vulnerability
·akamai.com·
DigiEver Fix That IoT Thing!
Beware the Unpatchable: Corona Mirai Botnet Spreads via Zero-Day
Beware the Unpatchable: Corona Mirai Botnet Spreads via Zero-Day
  • The Akamai Security Intelligence and Response Team (SIRT) has observed a botnet campaign that is abusing several previously exploited vulnerabilities, as well as a zero-day vulnerability discovered by the SIRT. CVE-2024-7029 (discovered by Aline Eliovich) is a command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE). Once injected, the botnet spreads a Mirai variant with string names that reference the COVID-19 virus that has been seen since at least 2020. * We have included a list of indicators of compromise (IOCs) to assist in defense against this threat.
#akamai#EN#2024#botnet#Mirai#AVTECH#zero-day#vulnerability#CCTV#CVE-2024-7029
·akamai.com·
Beware the Unpatchable: Corona Mirai Botnet Spreads via Zero-Day
What a Cluster: Local Volumes Vulnerability in Kubernetes
What a Cluster: Local Volumes Vulnerability in Kubernetes
  • Akamai security researcher Tomer Peled recently discovered a high-severity vulnerability in Kubernetes that was assigned CVE-2023-5528 with a CVSS score of 7.2. The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster. To exploit this vulnerability, the attacker needs to apply malicious YAML files on the cluster. This vulnerability can lead to full takeover on all Windows nodes in a cluster. This vulnerability can be exploited on default installations of Kubernetes (earlier than version 1.28.4), and was tested against both on-prem deployments and Azure Kubernetes Service. In this blog post, we provide a proof-of-concept YAML file as well as an Open Policy Agent (OPA) rule for blocking this vulnerability.
#akamai#EN#2024#CVE-2023-5528#Kubernetes#Windows#vulnerability
·akamai.com·
What a Cluster: Local Volumes Vulnerability in Kubernetes