{"id":4157,"date":"2024-12-23T11:13:37","date_gmt":"2024-12-23T11:13:37","guid":{"rendered":"https:\/\/www.d2na.com\/?p=4157"},"modified":"2024-12-23T11:29:47","modified_gmt":"2024-12-23T11:29:47","slug":"weekly-security-news-23rd-december-2024","status":"publish","type":"post","link":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/","title":{"rendered":"Weekly Security News – 23rd December 2024"},"content":{"rendered":"<\/span> 5<\/span> mins read<\/span><\/span>\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Multiple bugs being exploited, Fortinet issues warning, hackers exploiting Google Ads and new ransomware attacks...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in touch with our team who can advise further. For our existing clients, if we believe anything may affect your organisation, our team will be in touch directly.\u00a0<\/p>\n

<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Vulnerabilities and Patches<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Windows kernel bug now exploited in attacks to gain SYSTEM privileges<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. Tracked as CVE-2024-35250, this security flaw is due to an\u00a0untrusted pointer dereference weakness\u00a0that allows local attackers to gain SYSTEM privileges in low-complexity attacks that don’t require user interaction.<\/p>

While Microsoft didn’t share more details in a\u00a0security advisory\u00a0published in June, the\u00a0DEVCORE Research Team that found the flaw\u00a0and reported it to Microsoft through Trend Micro’s Zero Day Initiative says the vulnerable system component is the Microsoft Kernel Streaming Service (MSKSSRV.SYS).<\/p>

DEVCORE security researchers used this MSKSSRV privilege escalation security flaw to compromise a fully patched Windows 11 system on the first day of this year’s\u00a0Pwn2Own Vancouver 2024 hacking contest. Redmond patched the bug during the\u00a0June 2024 Patch Tuesday, with proof-of-concept exploit code released on GitHub four months later.<\/p>

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” the company says in a\u00a0security advisory\u00a0that has yet to be updated to indicate the vulnerability is under active exploitation. DEVCORE published the following video demo of their CVE-2024-35250 proof-of-concept exploit being used to hack a Windows 11 23H2 device.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Fortinet has issued an advisory for a\u00a0now-patched critical security flaw\u00a0impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information.<\/p>

The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0.<\/p>

“A relative path traversal [CWE-23] in FortiWLM may allow a remote unauthenticated attacker to read sensitive files,” the company\u00a0said\u00a0in an alert released Wednesday.<\/p>

However, according to a\u00a0description\u00a0of the security flaw in the NIST’s National Vulnerability Database (NVD), the path traversal vulnerability could also be exploited by an attacker to “execute unauthorized code or commands via specially crafted web requests.”<\/p>

The company credited Horizon3.ai security researcher Zach Hanley for discovering and reporting the shortcoming. It’s worth mentioning here that CVE-2023-34990 refers to the “unauthenticated limited file read vulnerability” the cybersecurity company\u00a0revealed\u00a0back in March as part of a broader set of six flaws in FortiWLM.<\/p>

“This vulnerability allows remote, unauthenticated attackers to access and abuse built-in functionality meant to read specific log files on the system via a crafted request to the \/ems\/cgi-bin\/ezrf_lighttpd.cgi <\/em>endpoint,” Hanley\u00a0said\u00a0at the time.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

Patch Alert: Critical Apache Struts Flaw Found; Exploitation Attempts Detected<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution.<\/p>

The issue, tracked as\u00a0CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities with another critical bug the project maintainers addressed in December 2023 (CVE-2023-50164, CVSS score: 9.8), which also\u00a0came under active exploitation\u00a0shortly after public disclosure.<\/p>

“An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution,” according to the\u00a0Apache advisory.<\/p>

In other words, successful exploitation of the flaw could allow a malicious actor to upload arbitrary payloads to susceptible instances, which could then be leveraged to run commands, exfiltrate data, or download additional payloads for follow-on exploitation.<\/p>

Dr. Johannes Ullrich, dean of research for SANS Technology Institute, said that an incomplete patch for CVE-2023-50164 may have led to the new problem, adding exploitation attempts matching the\u00a0publicly-released\u00a0proof-of-concept (PoC) have been detected in the wild.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Cyber Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Cybersecurity researchers have discovered a new PHP-based backdoor called\u00a0Glutton\u00a0that has been put to use in cyber-attacks targeting China, the United States, Cambodia, Pakistan, and South Africa.<\/p>

QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously unknown malware with moderate confidence to the prolific Chinese nation-state group tracked Winnti (aka APT41).<\/p>

“Interestingly, our investigation revealed that Glutton’s creators deliberately targeted systems within the cybercrime market,” the company\u00a0said. “By poisoning operations, they aimed to turn the tools of cybercriminals against them \u2013 a classic ‘no honor among thieves’ scenario.”<\/p>

Glutton is designed to harvest sensitive system information, drop an ELF backdoor component, and perform code injection against popular PHP frameworks like Baota (BT), ThinkPHP, Yii, and Laravel. The ELF malware also shares “near-complete similarity” with a known Winnti tool known as\u00a0PWNLNX.<\/p>

Despite the links to Winnti, XLab said it cannot definitely link the backdoor to the adversary owing to the lack of stealth techniques typically associated with the group. The cybersecurity company described the shortcomings as “uncharacteristically subpar.”<\/p>

This includes the lack of encrypted command-and-control (C2) communications, the use of HTTP (instead of HTTPS) for downloading the payloads, and the fact that the samples are devoid of any obfuscation.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

Hackers Exploiting Google Search Ads to Launch Malvertising Campaigns<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Threat researchers have identified a persistent series of malvertising campaigns targeting graphic design professionals, using Google Search ads as a vector.<\/p>

This campaign, active since at least November 13, 2024, exploits two dedicated IP addresses, 185.11.61[.]243 and 185.147.124[.]110, to host malicious domains.<\/p>

Starting with the first IP address 185.11.61[.]243, at the time of this writing, 109 unique domains were mapped to it, all seemingly for this graphic design\/CAD malvertising campaign.\u00a0<\/p>

Silent Push, in collaboration with its research partners, has tracked at least ten distinct campaigns over the past month. These\u00a0malicious Google Ads\u00a0campaigns utilize domains that direct unsuspecting users to harmful downloads, posing a significant risk to corporate environments and individual security.<\/p>

The initial domain, frecadsolutions[.]com, launched the malvertising effort with its domain hosted on the IP address 185.11.61[.]243 since early November.<\/p>

The campaign rapidly expanded with subtle variations in domain names, such as frecadsolutions[.]cc, and spanned across multiple similar-sounding domains like freecad-solutions[.]net and rhino3dsolutions[.]io.<\/p>

According to the Silent Push\u00a0Research, \u201cOn November 14, 2024, a malvertising campaign was launched using frecadsolutions[.]cc (note the subtle TLD difference of \u201ccc<\/strong>\u201d vs. \u201ccom<\/strong>\u201d), which had also been hosted on 185.11.61[.]243 since November 6, 2024. This made use of Bitbucket for its malicious download, which is normally a legitimate file hosting site.\u201d<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

New \u201cNotLockBit\u201d Ransomware Attack Windows and macOS<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

A sophisticated new ransomware family, dubbed\u00a0NotLockBit, is creating waves in the cybersecurity world with its advanced capabilities and cross-platform functionality. Mimicking the techniques of the infamous\u00a0LockBit ransomware,\u00a0NotLockBit\u00a0has proven to be a formidable new threat, targeting both macOS and Windows operating systems with tailored attack strategies.<\/p>

Distributed as an x86_64 binary written in the Go programming language,\u00a0NotLockBit\u00a0is packed with advanced features that enhance its efficiency and destructiveness. Key functionalities include:<\/p>

  • Targeted File Encryption<\/strong>: The ransomware uses robust encryption protocols like AES and RSA to encrypt sensitive data, rendering it inaccessible without the attacker\u2019s private decryption key.<\/li>
  • Data Exfiltration<\/strong>: Stolen data is transferred to attacker-controlled repositories, such as Amazon S3 buckets, enabling double -extortion, threatening both data loss and data exposure.<\/li>
  • Self-Deletion Mechanisms<\/strong>: To eliminate recovery options,\u00a0NotLockBit\u00a0deletes its own traces, including shadow copies and its execution binary.<\/li><\/ul>

    Cybersecurity researchers at Qualys\u00a0identified\u00a0NotLockBit\u00a0as an advanced and highly adaptive ransomware strain. \u201cThis new variant demonstrates significant sophistication, combining encryption, data theft, and self-removal to maximize its impact,\u201d the researchers noted.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    In Other News...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    Meta Fined \u20ac251 Million for 2018 Data Breach Impacting 29 Million Accounts<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined \u20ac251 million (around $263 million) for a 2018 data breach that impacted millions of users in the bloc, in what’s the\u00a0latest financial hit\u00a0the company has taken for flouting stringent privacy laws.<\/p>

    The Irish Data Protection Commission (DPC) said the data breach impacted approximately 29 million Facebook accounts globally, of which approximately 3 million were based in the European Union and European Economic Area (EEA). It’s worth noting that initial estimates from the tech giant had pegged the total number of affected accounts at 50 million.<\/p>

    The incident, which the social media company\u00a0disclosed\u00a0back in September 2018, arose from a bug that was introduced to Facebook’s systems in July 2017, allowing unknown threat actors to exploit the “View As” feature that lets a user see their own profile as someone else.<\/p>

    This ultimately made it possible to obtain account access tokens, allowing the attackers to break into victim accounts. Categories of personal data impacted as a result of the security breach included users’ full names, email addresses, phone numbers, location, places of work, dates of birth, religion, gender, posts on timelines, groups of which they were member, and children’s personal data.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

    <\/span> 5<\/span> mins read<\/span><\/span>Multiple bugs being exploited, Fortinet issues warning, hackers exploiting Google Ads and new ransomware attacks… Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in […]<\/p>\n","protected":false},"author":1,"featured_media":4162,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[355],"tags":[287,285,286,289,288,284],"class_list":["post-4157","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-cyber-attacks","tag-cyber-security","tag-news","tag-patches","tag-vulnerabilities","tag-weekly-security-news"],"yoast_head":"\nWeekly Security News - 23rd December 2024 - D2NA<\/title>\n<meta name=\"description\" content=\"Patch your Apple devices now, XSS vulnerabilities top danger list, NFC traffic relayed to steal money, Microsoft debut Quick Machine Recovery\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly Security News - 23rd December 2024\" \/>\n<meta property=\"og:description\" content=\"Patch your Apple devices now, XSS vulnerabilities top danger list, NFC traffic relayed to steal money, Microsoft debut Quick Machine Recovery\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/\" \/>\n<meta property=\"og:site_name\" content=\"D2NA\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-23T11:13:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-23T11:29:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.d2na.com\/wp-content\/uploads\/2024\/12\/2024-12-23.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Shaun Conway\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@D2NA\" \/>\n<meta name=\"twitter:site\" content=\"@D2NA\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shaun Conway\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/\"},\"author\":{\"name\":\"Shaun Conway\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\"},\"headline\":\"Weekly Security News – 23rd December 2024\",\"datePublished\":\"2024-12-23T11:13:37+00:00\",\"dateModified\":\"2024-12-23T11:29:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/\"},\"wordCount\":1530,\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/2024-12-23.jpg\",\"keywords\":[\"cyber attacks\",\"cyber security\",\"news\",\"patches\",\"vulnerabilities\",\"weekly security news\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/\",\"name\":\"Weekly Security News - 23rd December 2024 - D2NA\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/2024-12-23.jpg\",\"datePublished\":\"2024-12-23T11:13:37+00:00\",\"dateModified\":\"2024-12-23T11:29:47+00:00\",\"description\":\"Patch your Apple devices now, XSS vulnerabilities top danger list, NFC traffic relayed to steal money, Microsoft debut Quick Machine Recovery\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/2024-12-23.jpg\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/2024-12-23.jpg\",\"width\":1200,\"height\":627,\"caption\":\"2024-12-23\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2024\\\/12\\\/23\\\/weekly-security-news-23rd-december-2024\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.d2na.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly Security News – 23rd December 2024\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"name\":\"D2NA\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.d2na.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\",\"name\":\"D2 Network Associates Limited\",\"alternateName\":\"D2NA\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"width\":180,\"height\":60,\"caption\":\"D2 Network Associates Limited\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/D2NA\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/d2-network-associates-ltd\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\",\"name\":\"Shaun Conway\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"caption\":\"Shaun Conway\"},\"sameAs\":[\"https:\\\/\\\/www.d2na.com\"],\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/author\\\/shaun-conway\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Weekly Security News - 23rd December 2024 - D2NA","description":"Patch your Apple devices now, XSS vulnerabilities top danger list, NFC traffic relayed to steal money, Microsoft debut Quick Machine Recovery","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/","og_locale":"en_GB","og_type":"article","og_title":"Weekly Security News - 23rd December 2024","og_description":"Patch your Apple devices now, XSS vulnerabilities top danger list, NFC traffic relayed to steal money, Microsoft debut Quick Machine Recovery","og_url":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/","og_site_name":"D2NA","article_published_time":"2024-12-23T11:13:37+00:00","article_modified_time":"2024-12-23T11:29:47+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2024\/12\/2024-12-23.jpg","type":"image\/jpeg"}],"author":"Shaun Conway","twitter_card":"summary_large_image","twitter_creator":"@D2NA","twitter_site":"@D2NA","twitter_misc":{"Written by":"Shaun Conway","Estimated reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/#article","isPartOf":{"@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/"},"author":{"name":"Shaun Conway","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36"},"headline":"Weekly Security News – 23rd December 2024","datePublished":"2024-12-23T11:13:37+00:00","dateModified":"2024-12-23T11:29:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/"},"wordCount":1530,"publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2024\/12\/2024-12-23.jpg","keywords":["cyber attacks","cyber security","news","patches","vulnerabilities","weekly security news"],"articleSection":["Security News"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/","url":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/","name":"Weekly Security News - 23rd December 2024 - D2NA","isPartOf":{"@id":"https:\/\/www.d2na.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/#primaryimage"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2024\/12\/2024-12-23.jpg","datePublished":"2024-12-23T11:13:37+00:00","dateModified":"2024-12-23T11:29:47+00:00","description":"Patch your Apple devices now, XSS vulnerabilities top danger list, NFC traffic relayed to steal money, Microsoft debut Quick Machine Recovery","breadcrumb":{"@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/#primaryimage","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2024\/12\/2024-12-23.jpg","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2024\/12\/2024-12-23.jpg","width":1200,"height":627,"caption":"2024-12-23"},{"@type":"BreadcrumbList","@id":"https:\/\/www.d2na.com\/index.php\/2024\/12\/23\/weekly-security-news-23rd-december-2024\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.d2na.com\/"},{"@type":"ListItem","position":2,"name":"Weekly Security News – 23rd December 2024"}]},{"@type":"WebSite","@id":"https:\/\/www.d2na.com\/#website","url":"https:\/\/www.d2na.com\/","name":"D2NA","description":"","publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.d2na.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.d2na.com\/#organization","name":"D2 Network Associates Limited","alternateName":"D2NA","url":"https:\/\/www.d2na.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","width":180,"height":60,"caption":"D2 Network Associates Limited"},"image":{"@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/D2NA","https:\/\/www.linkedin.com\/company\/d2-network-associates-ltd\/"]},{"@type":"Person","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36","name":"Shaun Conway","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","caption":"Shaun Conway"},"sameAs":["https:\/\/www.d2na.com"],"url":"https:\/\/www.d2na.com\/index.php\/author\/shaun-conway\/"}]}},"_links":{"self":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/comments?post=4157"}],"version-history":[{"count":7,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4157\/revisions"}],"predecessor-version":[{"id":4167,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4157\/revisions\/4167"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media\/4162"}],"wp:attachment":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media?parent=4157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/categories?post=4157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/tags?post=4157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}