Attackers can gain root access on multiple major Linux distributions in their default configurations by exploiting a Local Privilege Escalation (LPE) vulnerability in the GNU C Library (glibc). This security flaw, tracked as CVE-2023-6246, was discovered in a glibc function called by the syslog and vsyslog functions to write messages to the system message logger. The flaw stems from a heap-based buffer overflow vulnerability that was accidentally introduced in glibc 2.37 and later backported to glibc 2.36.

CyberArk has released an online version of its open-source White Phoenix ransomware decryptor to help ransomware victims recover their files. Users can upload encrypted files using this new online version and then the tool ensures that as many files as possible are recoverable. The effectiveness of CyberArk's White Phoenix ransomware decryptor is heavily dependent on the encryption type and ransomware variant used. PDF, Word, Excel, ZIP, and PowerPoint files are all supported. This article continues to discuss CyberArk's White Phoenix ransomware decryptor.

Attackers exploited a pair of now-patched critical zero-day vulnerabilities in Ivanti VPNs. They have used the flaws to launch a Rust-based set of backdoors, which then download a backdoor malware called "KrustyLoader." The two flaws enable unauthenticated Remote Code Execution (RCE) and authentication bypass, impacting Ivanti's Connect Secure VPN gear. This article continues to discuss the Ivanti vulnerabilities and their exploitation by attackers.

According to security researchers at RedHunt, a GitHub token leaked by a Mercedes-Benz employee provided access to all the source code stored on the carmaker’s GitHub Enterprise server.  The token, discovered during an internet scan, was leaked in the employee’s GitHub repository, providing unrestricted and unmonitored access to the source code.  The researchers stated that the breach occurred on September 29, 2023, but was not discovered until January 11, 2024.  Mercedes revoked the leaked token on January 24, two days after being alerted of the incident.

The US Treasury Department recently announced sanctions against two "cybersecurity experts" accused of running a platform affiliated with the Islamic State group.  The sanctioned individuals are both Egyptian nationals.  One of them is Mu'min Al-Mawji Mahmud Salim, the creator of a platform named Electronic Horizons Foundation (EHF), which provides cybersecurity training and guidance to ISIS supporters.  The platform offers information on conducting cyber operations, including for evading law enforcement and working with cryptocurrencies.

Four researchers from Cornell Tech won the Outstanding Paper Award at the 2023 Empirical Methods in Natural Language Processing (EMNLP) Conference for their paper titled "Text Embeddings Reveal (Almost) As Much As Text." Their paper delves into privacy concerns regarding text embeddings, a Natural Language Processing (NLP) technique that addresses the challenges posed by the nuanced and ambiguity of words and phrases. Machines can quickly and efficiently understand numbers, but human language is more complicated.