Cyber Bits · · 2 min read

Cyber Bits: March 25, 2024

Cyber Bits: March 25, 2024

This week, the most recent FortiClient EMS exploit has been weaponized, dark web marketplaces were taken down, and unpatchable side-channel vulnerabilities in Apple Silicon.

ForitClient EMS PoC weaponized

Links: Bleeping Computer

The FortiClient EMS exploit, CVE-2023-48788, has its first proof of concept created. The exploit allows for remote code execution with SYSTEM privileges by exploiting a weakness and chaining attacks with the packaged SQL database. A word of caution: if you’re running FortiClient EMS versions 7.0 (7.0.1 through 7.0.10) and 7.2 (7.2.0 through 7.2.2), you may want to stop reading this article and add this to your patch management cycle.

Nemesis market seized by German authorities

Links: Bleeping Computer

German authorities Federal Criminal Police Office(BKA) and the Frankfurt cybercrime combating unit (ZIT) announced that infrastructure supporting the Nemesis Market has been seized, interrupting service to its patrons. The marketplace was launched in 2021 and has been supporting various offerings for hacker groups, alongside other items.

Fatal flaw in Apple Silicon Mx chips

Links: Bleeping Computer

A new side-channel attack dubbed “GoFetch” impacts Apple silicon processors, allowing attackers the capability to steal secret cryptographic keys from the processor’s cache. Because this vulnerability is hardware-based, there’s no fix in sight. Apple has been mum on a response, directing inquiries to a section for cryptography on their Apple Developer site.

Read next

Cyber Bits: November 25
Cyber Bits ·

Cyber Bits: November 25

Welcome to this week's edition of Cyber Bits, where we cover the latest in malware campaigns, advanced persistent threats, data breaches, vulnerabilities in enterprise systems from Fortinet and Palo Alto, and the economic impact of cyberattacks. Here's what you need to know this week:

Cyber Bits: October 21
Cyber Bits ·

Cyber Bits: October 21

In this week's Cyber Bits, Internet Archive faces another breach, Microsoft sets up Azure tenant honeypots, ransomware attacks are using ESET's name, Microsoft may have lost some security logs, and North Korea is targeting companies looking for temporary IT workers.

Cyber Bits: October 14
Cyber Bits ·

Cyber Bits: October 14

In this weeks Cyber Bits, Microsoft deprecates VPN protocols, OpenAI confirms what everyone already knew about bad guys using ChatGPT for malware, SOC teams lament alert fatigue, qualified personnel gaps in cloud and cyber, and how to build cyber resilience for SMB's.