Cyber Bits: March 25, 2024

This week, the most recent FortiClient EMS exploit was weaponized, dark web marketplaces were taken down, and unpatchable side-channel vulnerabilities came to light in Apple Silicon.

FortiClient EMS PoC weaponized

Links: Bleeping Computer

The FortiClient EMS vulnerability, CVE-2023-48788, now has its first proof of concept. The exploit allows remote code execution with SYSTEM privileges by exploiting a weakness and chaining attacks with the packaged SQL database. A word of caution: if you’re running FortiClient EMS versions 7.0 (7.0.1 through 7.0.10) or 7.2 (7.2.0 through 7.2.2), you may want to stop reading this article and add this to your patch management cycle.

Nemesis market seized by German authorities

Links: Bleeping Computer

Germany's Federal Criminal Police Office (BKA) and the Frankfurt cybercrime combating unit (ZIT) announced that infrastructure supporting the Nemesis Market has been seized, interrupting service to its patrons. The marketplace was launched in 2021 and has been supporting various offerings for hacker groups, alongside other items.

Fatal flaw in Apple Silicon Mx chips

Links: Bleeping Computer

A new side-channel attack dubbed “GoFetch” impacts Apple Silicon processors, allowing attackers to steal secret cryptographic keys from the processor’s cache. Because this vulnerability is hardware-based, there’s no fix in sight. Apple has been mum on a response, directing inquiries to a section for cryptography on their Apple Developer site.
