Europol shut down Emotet botnet infrastructure
As a result of a joint operation by law enforcement agencies from several countries, specialists seized control of the infrastructure and stopped the malicious activity of the Emotet botnet. Using the access gained to the infrastructure, Europol began distributing a new module to the devices of the botnet's victims, which will remove the malware starting March 25 of this year.
Critical vulnerability found in sudo utility
According to experts from Qualys, the vulnerability allows an unprivileged user to gain root access, bypassing the required authorization checks and without authenticating. Researchers have demonstrated working exploits on the Debian 10, Fedora 33, and Ubuntu 20.04 operating systems. The vulnerability affects sudo versions 1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1. The issue was fixed in the 1.9.5p2 update.
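The version ranges above can be used to triage an inventory of sudo version strings. The following is an added example, not code from Qualys or the sudo project; the function names and the sample inventory are hypothetical, and it assumes versions appear either in upstream form (`1.9.5p1`) or as a distribution package string with a `-revision` suffix.

```python
import re

# Upstream ranges stated in the item above (both ends inclusive).
AFFECTED = [("1.8.2", "1.8.31p2"), ("1.9.0", "1.9.5p1")]
_VER = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")


def parse(text):
    """Return ((major, minor, micro, patch), remainder); no 'pN' means p0."""
    m = _VER.search(text)
    if not m:
        raise ValueError(f"unrecognised sudo version: {text!r}")
    return tuple(int(g or 0) for g in m.groups()), text[m.end():]


def triage(text):
    """Classify one version string against the stated ranges."""
    version, rest = parse(text)
    if not any(parse(lo)[0] <= version <= parse(hi)[0] for lo, hi in AFFECTED):
        return "not-in-range"
    # A '-revision' suffix marks a distribution package build; the upstream
    # number alone cannot show whether the fix was backported into it.
    return "in-range-distro-build" if rest.startswith("-") else "in-range"


# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = {
    "build01": "Sudo version 1.8.31",
    "web02": "1.9.5p1",
    "db03": "1.9.5p2",
    "jump04": "1.8.31-1ubuntu1",
    "legacy05": "1.8.1p2",
}


def report(inventory):
    """Map each host to its triage result."""
    return {host: triage(v) for host, v in inventory.items()}


if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:10} {status}")
```

Hosts reported as `in-range-distro-build` need to be checked against the distribution's own advisory, because distributions may backport a fix without changing the upstream version number.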
Researchers Warn of New Version of NAT Slipstreaming Attack
According to Armis, NAT Slipstreaming v2.0 allows an attacker to gain access to any device on the internal network when the victim follows a specially crafted malicious link. Enterprise-class NAT solutions and firewalls from Fortinet, Cisco and HPE are affected by the issue, and the researchers do not rule out its presence in third-party products. Google, Apple, Mozilla, and Microsoft have already released updates to their browsers to block this attack.