A vulnerability called WallEscape, tracked as CVE-2024-28085 by security researchers, is said to exhibit the ability to enable threat actors to access and leak a user’s password. the vulnerability impacting the util-Linux package “wall” command resulted from improper neutralization of escape sequences. An explanation by one of the researchers revealed that “the util-Linux wall command does not filter escape sequences from command line arguments.” It allows unprivileged users to put arbitrary text on other users’ terminals if msg is set to “y” and wall is setgid.
Hotel Doors Security Flaw Puts Occupant at Risk of Intrusion
Users of Dormakaba’s Saflok electronic RFID locks are advised to exercise caution with the product as threat actors can leverage the security flaw to forge keycards and intrude on privacy. The discovery made by a group of researchers became a turning point in using the product. According to them, “When combined, the identified weaknesses allow an attacker to unlock all rooms in a hotel using a single pair of forged keycards.” The vulnerability now puts millions at risk of privacy violation as there is a record of three million hotel locks found in 13000 properties spread across 131 countries, and only 36% replacement has taken place at the time of this report.
Incrasom ransomware group has attacked multiple businesses. The victims include:
Lodan Electronics, Inc: This electronic company specializes in Electrical Cable Assemblies, Electromechanical Assemblies, Electrical Wire Harnesses, Electronic Box Builds, MIL-spec cable Assemblies, Coax RF Assemblies, Wire Harness Mexico, Discrete Wire Assemblies, Value-Added Assemblies, and Heavy-Duty Wire Harnesses. The company has over 200 employees and a revenue of $20.3 million.
Tech-Quip Inc: This company serves the Gulf Coast Process Industries and associated Engineering Contractors and Systems Integrators with Instrumentation and Specialty Products. The company specializes in Magnetrol, Balston, Varec, 3D Instruments, Advanced Instruments, Ap Tech, Mettler-Toledo, Mid-West Instruments, Veris, SOR, ASHCROFT, WIKA, ANNUBAR, NEON, AMI, PARKER, ORION, INSTRUMENTATION, METRIX, VORTEC, THERMON, PERMACAL, 3D, STAHL, SENTRY, BEBCO, M&C, THERMO, VEGA, RONAN, radar, pressure gauge, filters, purge, sample probes, sample coolers, sampler, analyzer, autrol, transmitter, level gauge, Thermocouple, RTD, level switch, pressure switch, united electric, neodyne, vibration switch, Intertec, servo, Houston, Techquip, TechStars, eads, Rawson, Diaphragm seal, Ametek, obrian, krohne, flow, Coriolis, ultrasonic, and rotameters. Tech-Quip has over 50 employees and a revenue of $7.4 million.
GrayPen: This company, with over 200 employees, specializes in Tanker Agency, STS Operations, LNG Operations, Hub Agency, Customs Clearance, Storage & Delivery, Husbandry Requirements, and the EU-ACD Team. GrayPen has revenue of $23.7 million.
EoL Devices Becomes Hackers’ Tool as TheMoon Botnet Resurfaces.
An intelligence report revealed the botnet uses End-of-life (EoL) small home/small office (SOHO) routers and IoT devices to boost Faceless, a criminal proxy service known for offering secret services to other threat actors for less than a dollar daily. According to the Black Lotus labs at Lumen Technologies, “TheMoon, which emerged in 2014, has been secretly operating while growing to over 40,000 bots from 88 countries in January and February of 2024.”
