Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
A vulnerability has been discovered in SolarWinds Web Help Desk, which could allow for remote code execution. SolarWinds Web Help Desk (WHD) is web-based software that provides IT help desk and asset management functionality, allowing IT teams to manage service requests, track IT assets, and offer self-service options to end users. Successful exploitation of this vulnerability could allow an actor to execute code in the context of SYSTEM. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Multiple vulnerabilities have been discovered in Mozilla Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The US Secret Service dismantled a network of tens of thousands of devices "located throughout the New York tristate area that were used to conduct multiple telecommunications-related threats directed towards senior U.S. government officials." Notably, the devices "were concentrated within 35 miles of the global meeting of the United Nations General Assembly now underway in New York City." The New York Times cites an official as saying the network could have sent 30 million anonymous text messages per minute. Matt McCool, the special agent in charge of the Secret Service's New York field office, said the network "had the potential to disable cellphone towers and essentially shut down the cellular network in New York City."
The Secret Service stated, "This protective intelligence investigation led to the discovery of more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites. In addition to carrying out anonymous telephonic threats, these devices could be used to conduct a wide range of telecommunications attacks. This includes disabling cell phone towers, enabling denial of services attacks and facilitating anonymous, encrypted communication between potential threat actors and criminal enterprises. While forensic examination of these devices is ongoing, early analysis indicates cellular communications between nation-state threat actors and individuals that are known to federal law enforcement."
Several European airports have delayed hundreds of flights following a cyberattack against Collins Aerospace, which provides automatic flight check-in systems, Reuters reports. The incident, which began on Saturday, affected the UK's Heathrow and airports in Berlin, Brussels, and Dublin. The European Union Agency for Cybersecurity said this morning that Collins sustained a ransomware attack.
Collins's parent company RTX (formerly Raytheon Technologies) said the incident affected its MUSE software, stating, "The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations." RTX told Reuters that it's in the final stages of completing updates needed to restore functionality.