A critical flaw in Linux and a vulnerability in PAN-OS are being actively exploited by cybercriminals, while AI-powered attacks and OAuth identity theft are becoming more common. For citizens, this means their personal data and online accounts are at greater risk if they do not update their devices. Keeping software up to date and being wary of suspicious links is key to protecting yourself.
Active exploitation of kernel and firewall flaws 🛡️
The Linux flaw, identified as CVE-2024-1086, allows privilege escalation on unpatched systems, affecting distributions such as Ubuntu and Debian. On the other hand, the vulnerability in PAN-OS, CVE-2024-0012, exposes Palo Alto firewalls to remote code execution. Both exploits are already circulating on clandestine forums. Administrators must apply patches immediately and review logs for anomalous activity. Generative AI is also being used to create more convincing phishing emails.
OAuth impersonates you and you don't even know it 🎭
If you thought granting permissions to an app to access your Google account was safe, think again. Attackers now impersonate identities via OAuth, making it appear that a legitimate service is requesting access. It's like a thief disguising themselves as a mailman so you open the door. The solution is not to become a digital hermit, but to review which apps have access to your accounts and revoke those you don't use. And yes, also update everything.