For individuals

Most severe of the vulnerabilities is the undocumented features inclusion issue, tracked as CVE-2024-52564, which could be exploited to facilitate remote firewall deactivation, device setting manipulation, and arbitrary OS command execution, according to Japan's Computer Emergency Response Team Coordination Center.

After compromising the Romanian Permanent Electoral Authority's IT infrastructure on Nov. 19, threat actors went on to expose the account credentials for several of the country's election sites while deploying persistent intrusions that sought to infiltrate election infrastructure, prevent systems access, and spread disinformation until Nov. 25, said the SRI in a declassified report.

Earth Minotaur leverages instant messaging apps to send messages with malicious links purporting to be Tibetan or Uyghur music and dance-related videos, which redirected to dozens of MOONSHINE exploit kit servers that would enable the download of a trojanized XWalk version, which later executes DarkNimbus, a report from Trend Micro showed.

Aside from luring children into providing sexually explicit photos of themselves, such methods have also been used to force youths into harming family members and animals, as well as committing suicide, an intelligence report from the Joint Regional Intelligence Center and the Central California Intelligence Center showed.

Introduction In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange 2019. While we’re currently unaware of any active threat campaigns involving NTLM relaying attacks against Exchange, we have observed threat actors exploiting this vector in the past.