Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability (CVE-2024-20017) Threatens Routers and Smartphones:

https://blog.sonicwall.com/en-us/2024/09/critical-exploit-in-mediatek-wi-fi-chipsets-zero-click-vulnerability-cve-2024-20017-threatens-routers-and-smartphones/

Detailed analysis for - 4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways

Affected chipsets:
- MT6890, MT7915, MT7916, MT7981, MT7986, MT7622
Affected software:
- SDK version 7.4.0.1 and before (for MT7915) / SDK version 7.6.7.0 and before (for MT7916, MT7981 and MT7986) / OpenWrt 19.07, 21.02

http://0.0.0.0:4000/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html

PoC:
https://github.com/mellow-hype/cve-2024-20017

Novel Exploit Chain Enables Windows UAC Bypass

https://www.darkreading.com/vulnerabilities-threats/exploit-chain-windows-uac-bypass

IT Security Management
Checklist

9 Key Recommendations to Keep Network Safe

Reverse Engineering for Noobs

https://x86re.com/

MMSF - Mobile framework that combines functionalities from frida, objection, drozer, and many more.

Massive Mobile Security Framework:

- https://github.com/St3v3nsS/MMSF

Locally saved Word files with capitalized file extensions or # in the noscript may be deleted after save

https://support.microsoft.com/en-us/office/locally-saved-word-files-with-capitalized-file-extensions-or-in-the-noscript-may-be-deleted-after-save-5e28f8c2-32d0-487b-b237-9c7c74d25f84

TOP 5 - Anomaly Detection Libraries

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines.

Firefox

https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/

Взлом робота-пылесоса и слежка за хозяином в прямом эфире (Hacking a robot vacuum cleaner and spying on its owner live)

- https://habr.com/ru/companies/cloud4y/articles/849294/

SeamlessPass - Leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

https://github.com/Malcrove/SeamlessPass/tree/main

Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions

..red team tool that threat actors are attempting to abuse for its ability to block EDR traffic and conceal malicious activity:

https://www.trendmicro.com/en_us/research/24/j/edrsilencer-disrupting-endpoint-security-solutions.html

EDRSilencer:

https://github.com/netero1010/EDRSilencer

WhatsApp may expose the OS you use to run it – which could expose you to crooks

Messaging service creates persistent user IDs that have different qualities on each device

https://www.theregister.com/2024/10/16/whatsapp_privacy_concerns/

Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Remote Code

https://research.kudelskisecurity.com/2024/10/16/splunk-enterprise-multiple-vulnerabilities-for-rce/

Critical hardcoded SolarWinds credential now exploited in the wild

A critical, hardcoded login credential in SolarWinds' Web Help Desk line has been exploited in the wild by criminals..:

https://www.theregister.com/2024/10/16/solarwinds_critical_hardcoded_credential_bug/