Youtube

What happened to the 9.9 CVSS Linux CVE? – ThreatWire

Youtube



ThreatWire Summary

Summary of ThreatWire Video

The video discusses the recent breaches in security involving Meta and a significant car hacking vulnerability related to Kia models, along with new vulnerabilities in the Common Unix Printing System (CUPS).

Key Points:

  • Meta has been fined 1 million for storing hundreds of millions of user passwords in plain text, leading to an investigation by the Irish Data Protection Commission.
  • For effective security, companies should remember basic security practices such as encrypting passwords.
  • A new vulnerability allowed hackers to take over Kia cars by exploiting poorly protected web portals to reassign car ownership without notifying the legitimate owners.
  • Responsible hackers reported the Kia vulnerability, and it has since been resolved after a two-month period of examination.
  • A security researcher found multiple vulnerabilities in the Common Unix Printing System (CUPS), which could allow for remote code execution if the victim triggers a print on a malicious printer.
  • The vulnerabilities in CUPS are associated with four CVEs, with scores ranging from 8.3 to 9.0, indicating their severity.
  • It’s emphasized that users need to be aware of the risks presented by smart technology and the need for traditional security measures.

For more detailed insights, visit Patreon or check out Ali’s channel for related content.

Youtube Channel: Hak5
Video Published: 2024-10-02T16:41:25+00:00

Video Description:
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️

@endingwithali →
Twitch: https://twitch.tv/endingwithali
Twitter: https://twitter.com/endingwithali
YouTube: https://youtube.com/@endingwithali
Everywhere else: https://links.ali.dev

NEW VIDEO: https://www.youtube.com/watch?v=17lyi46UzA0&ab_channel=AliDiamond

Want to work with Ali? endingwithalicollabs@gmail.com

[❗] Join the Patreon→ https://patreon.com/threatwire
00:00 0 – Intro
00:07 1 – Mega Meta Fine
01:24 2 – Kia Web App Vulnerability
03:20 3 – Linux CUPS CVE
05:42 4 – Outro

LINKS
🔗 Story 1: Mega Meta Fine
https://www.dataprotection.ie/en/news-media/press-releases/data-protection-commission-opens-statutory-inquiry-facebook-0
https://krebsonsecurity.com/2019/03/facebook-stored-hundreds-of-millions-of-user-passwords-in-plain-text-for-years/
https://petapixel.com/2024/09/30/meta-fined-102-million-for-storing-users-passwords-in-plain-text/
🔗 Story 2: Kia Web App Vulnerability
https://samcurry.net/hacking-kia
🔗 Story 3: Linux CUPS CVE
Out of respect for the victims of the security researcher from the CUPS story, I’ve chosen not to link to any of the researcher’s work. If you believe you’re a victim of domestic abuse, please check out https://www.thehotline.org/ for more resources.
https://www.aquasec.com/blog/cups-a-critical-9-9-linux-vulnerability-reviewed/
https://securitylabs.datadoghq.com/articles/emerging-vulnerability-cups/

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Our Site → https://www.hak5.org
Shop → http://hakshop.myshopify.com/
Community → https://www.hak5.org/community
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
____________________________________________

Founded in 2005, Hak5’s mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

What happened to the 9.9 CVSS Linux CVE? – ThreatWire

Tags: UNIX, LEARN, VULNERABILITY, LINUX, CVE