The Daily Decrypt

Russia blocks Discord, GitLab exploit released & more cybersecurity news

Play Episode Pause Episode

Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds

00:00 /

Apple Podcasts Spotify YouTube

RSS Feed

Share

Link

Embed

Video Episode: https://youtu.be/O2h2nBA4BQ8
In today’s episode, we discuss significant security vulnerabilities found in Manufacturing Message Specification (MMS) protocol libraries, potentially allowing attackers to execute remote code or crash industrial devices. We also cover the sudden blockade of Discord in Russia and Turkey due to illegal activity, affecting user access, and the release of exploit code for a critical GitLab authentication bypass flaw, CVE-2024-45409, which could allow unauthorized access to GitLab installations. Lastly, we explore the GoldenJackal APT group’s sophisticated attacks targeting air-gapped systems in Europe for cyberespionage purposes.

References:
1. https://thehackernews.com/2024/10/researchers-uncover-major-security.html
2. https://www.bleepingcomputer.com/news/government/discord-blocked-in-russia-and-turkey-for-spreading-illegal-content/
3. https://www.helpnetsecurity.com/2024/10/09/exploit-cve-2024-45409/
4. https://www.helpnetsecurity.com/2024/10/09/goldenjackal-air-gapped-systems-compromise/

Timestamps

00:00 – Introduction

00:59 – GoldenJackal APT bypass Air-Gapped Systems

02:01 – GitLab Vulnerability

02:47 – Russia and Turkey block Discord

04:04 – Industrial Environments Vulnerability

1. What are today’s top cybersecurity news stories?
2. How are vulnerabilities in MMS protocol impacting industrial security?
3. What are the reasons behind Discord’s blocking in Russia and Turkey?
4. What should GitLab users know about the CVE-2024-45409 authentication bypass vulnerability?
5. Who is the GoldenJackal APT group and what attacks have they launched?
6. What are the implications of air-gapped systems being breached by cyberespionage groups?
7. What vulnerabilities were found in the libIEC61850 and TMW IEC 61850 libraries?
8. How can organizations mitigate risks from the newly discovered vulnerabilities in industrial systems?
9. Why is Discord considered a platform for illegal activities in Russia and Turkey?
10. What steps should GitLab administrators take to protect from recent exploit scripts?

MMS protocol, MZ Automation, Triangle MicroWorks, remote code execution, Discord, VPNs, protests, government control, GitLab, CVE-2024-45409, SAML, exploit, GoldenJackal, APT, air-gapped, cyberespionage,