Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing

October 2, 2024 at 04:46PM Critical security vulnerabilities with severity scores of 9.3 have been discovered in Optigo’s Spectra Aggregation Switch, potentially allowing remote attackers to inject malware into the OT network management switches running version 1.3.7 and earlier. No patches are available, and the manufacturer has issued workarounds to mitigate the vulnerabilities. The US …

Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue

August 21, 2024 at 08:54AM Miggo has identified a critical configuration issue in AWS’s Application Load Balancer, potentially impacting 15,000 vulnerable apps. Referred to as ALBeast, the attack involves forging tokens and exploiting the ALB configuration to bypass authentication and authorization. Businesses are advised to validate token signers and restrict traffic to mitigate these threats. …

SolarWinds fixes critical RCE bug affecting all Web Help Desk versions

August 14, 2024 at 11:28AM A critical vulnerability in SolarWinds’ Web Help Desk solution allows for remote code execution due to a Java deserialization flaw (CVE-2024-28986). The company released a hotfix for the issue, impacting all versions except 12.8.3 with the hotfix applied. Users are advised to upgrade to the latest version and apply the …

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight

July 31, 2024 at 10:28AM DigiCert will revoke SSL/TLS certificates due to an oversight in domain verification. The issue occurred when a random value was not prefixed with an underscore character, leading to improper domain control validation. Approximately 0.4% of certificates are affected, prompting impacted customers to replace their certificates. The incident may cause temporary …

Hamster Kombat Players Threatened by Spyware & Infostealers

July 24, 2024 at 01:04PM Hamster Kombat, a popular mobile currency game with over 250 million users, is being targeted by malicious actors. Fake Android and Windows software is used to install spyware and other malware. Users searching for the game’s Telegram channel may come across channels distributing Android malware and spyware, posing a risk …

Windows Patch Tuesday update might send a user to the BitLocker recovery screen

July 24, 2024 at 11:12AM Some Windows devices encounter a BitLocker recovery screen after installing July’s update, affecting versions from Windows 10 to Windows 11 on the client side, and Windows Server 2008 to Windows Server 2022 on the server side. Microsoft confirmed the issue and advised affected users to have their recovery key or …

Cisco SSM On-Prem bug lets hackers change any user’s password

July 17, 2024 at 01:34PM Cisco has fixed a critical vulnerability in its Smart Software Manager On-Prem, allowing potential attackers to change user passwords without authentication. The flaw affects earlier releases and can be exploited remotely. To address the issue, administrators are advised to upgrade to the fixed release as there are no workarounds available. …

Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript

July 8, 2024 at 08:01AM Security researchers have identified a critical Ghostscript vulnerability (CVE-2024-29510), allowing remote code execution through a format string injection in the uniprint device. Exploited in the wild, this flaw impacts web applications and document conversion services. The issue was addressed in Ghostscript version 10.03.1, but immediate updating is strongly recommended to …

‘Almost every Apple device’ vulnerable to CocoaPods supply chain attack

July 2, 2024 at 03:39AM CocoaPods, a widely used open-source dependency manager for Swift and Objective-C apps, was found to have left thousands of packages exposed to takeover for nearly a decade. Security researchers from EVA Information Security identified multiple vulnerabilities, including supply chain attack opportunities, and potential remote code execution. The CocoaPods team has …

Hackers exploit critical D-Link DIR-859 router flaw to steal passwords

June 29, 2024 at 11:24AM Hackers are exploiting a critical vulnerability (CVE-2024-0769) in D-Link DIR-859 WiFi routers to access sensitive data, including account information and passwords. Despite the router being end-of-life, D-Link has released a security advisory warning about the flaw in the “fatlady.php” file. This issue poses a significant security risk, and users are …