Summary Security researcher, Simone Margaritelli, otherwise known as @evilsocket, has disclosed a vulnerability in OpenPrinting CUPS, an open source printing system for GNU/Linux systems. This vulnerability is currently assigned 4 CVEs at the time of writing, all of which are reserved by a CNA (CERT). CVE-2024-47176 CVE-2024-47076 CVE-2024-47175 CVE-2024-47177 The vulnerability allows an attacker to perform an unauthenticated remote code execution attack against systems running CUPS. Earlier, there was speculation from Simone that engineers from RedHat and Canonical have evaluated a CVSS:3.

Many of us have been there: the daily threat feeds, threat exchange platforms, combing through lists of IOCs of varying difficult formats, even sometimes manually keying in from screenshots. All of this just to gather data to write threat hunting queries and detection rules. With AI, we can make our lives a little bit easier when it comes to basic hunting and detection, and even learn a few things in the process.

As we all know, getting our organization onto Multi-factor authentication (MFA) is just the first step. The real challenge lies in moving to more secure second factors that can withstand increasingly sophisticated emerging threats. Unfortunately, industry support for moving to more advanced MFA methods is still not where it needs to be. But as security-minded individuals, we want to stay ahead of the curve and protect our users and environments from potential attacks.