Here are some important findings from the SecureResearch Cybersecurity brief:

• Foxit PDF Reader and PDF Editor products have critical vulnerabilities. An attacker could gain remote code execution on vulnerable systems via AcroForms or malicious PDF files. They could also elevate privileges on Windows systems through the Foxit installer. Organizations should update all installations of Foxit PDF Reader and PDF Editor to the latest patched versions.
• A vulnerability in the Infinix Mobile Weather App exposes user location data. This flaw allows unauthorized access to user location data. Users should disable location access for the com.rlk.weathers application until a fix is available. Infinix Mobile should conduct a thorough investigation and release a security patch promptly.
• CERT-FR's weekly bulletin highlights critical vulnerabilities. Organizations should review the bulletin in detail to understand the nature and criticality of the vulnerabilities.
• CISA warns of an actively exploited Palo Alto Networks PAN-OS DNS vulnerability (CVE-2024-3393). Attackers could bypass security controls and gain unauthorized access to sensitive information or systems. Organizations should apply the necessary patches or updates provided by the vendor to address CVE-2024-3393.
• IBM has released a security advisory (AV24-732) detailing a vulnerability affecting multiple IBM products. Organizations should review the advisory and take the necessary actions to secure their systems.
• A U.S. Army soldier was arrested for his alleged involvement in extortion and data breach activities targeting AT&T and Verizon. The breach involved unauthorized access to customer call logs and the potential exposure of U.S. government officials’ communication records.
• The U.S. Treasury Department was breached through a remote support platform. Hackers exploited vulnerabilities in the agency's remote support platform. Organizations should conduct a thorough investigation to assess the scope and impact of the breach and immediately patch and update the remote support platform to close exploited vulnerabilities.
• Microsoft issued an urgent advisory to .NET developers to update applications and development pipelines. Developers should inventory their applications and identify any dependencies on ‘azureedge.net’ for .NET installations. They should then migrate .NET installations and dependencies to recommended alternatives provided by Microsoft.

Please review the full brief to learn about additional cyber threats.

For more information in the SecureResearch Daily Cyber Intelligence Brief, email [email protected]