A series of critical vulnerabilities has been uncovered in the Common Unix Printing System (CUPS), specifically in the cups-browsed component and related libraries. This vulnerability chain allows remote, unauthenticated attackers to potentially execute arbitrary code with root privileges on affected systems. The discovery highlights significant security risks in a widely-used open-source component and raises crucial questions about legacy system support and security in modern IT environments.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore cyberattacks in the banking industry. Gone are the days when paychecks were rolled out in envelopes on payday. We’ve evolved from juggling between counters to deposit a check to managing everything through a single mobile banking application. Indeed, modern banking saves us time and encourages self-service.

Imagine compliance is like a driving application. You know your location and you plug in the destination address, then it shows you the route’s overview. If you want a more specific map, you can zoom in a bit and get more details. Similarly, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and it’s most recent revision provide the overview roadmap for your compliance journey.

A Data Protection Officer (DPO) can be called as an ally for organizations that deals with large amount of Privacy related data in its core operation. They are appointed based on article 37 of GDPR, and help organizations stay compliant with data protection laws by overseeing data security policies, monitoring internal compliance, and providing expert advice for staffs managing the potential data privacy risks.

On September 27, 2024, evilsocket.net (Simone Margaritelli) published information about several vulnerabilities in CUPS (Common UNIX Printing System), which can allow for arbitrary remote code execution (RCE). There are currently 4 CVEs associated with these findings, with potentially more on the way. There is also some debate about the severity of these vulnerabilities, however, one of the CVEs was initially given a CVSS score of 9.9. We will update this blog if new information becomes available.

Mozilla, the organization behind the popular Firefox browser, is facing scrutiny from the European digital rights group NOYB (None Of Your Business) over alleged privacy violations. The complaint, lodged with Austria’s data protection authority, claims that Firefox employs a feature known as "Privacy-Preserving Attribution" (PPA) to track user behavior without explicit consent. This controversy raises significant questions about user privacy and the ethical responsibilities of tech companies.

Large Language Models (LLMs) have become central to many AI-driven applications. These models, such as OpenAI’s GPT and Google’s Bard, process massive amounts of data to generate human-like responses. Their ability to handle natural language has revolutionized industries from customer service to healthcare. However, as their use expands, so do concerns about LLM security. LLM security is critical because these models handle sensitive data, making them tempting targets for cybercriminals.

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for several new threats. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.

In a significant move towards enhancing the security of its Android operating system, Google has announced a substantial reduction in memory vulnerabilities by adopting memory-safe programming languages, particularly Rust. This shift aligns with Google's secure-by-design philosophy, aiming to minimize security risks associated with new code development. In this blog, we’ll explore the implications of this transition, the statistical outcomes, and what this means for the future of secure coding.