CISA says critical Fortinet RCE flaw now exploited in attacks

October 9, 2024 at 06:11PM CISA announced that attackers are exploiting a critical FortiOS remote code execution vulnerability (CVE-2024-23113), allowing unauthenticated access to unpatched devices. U.S. federal agencies must secure their FortiOS devices within three weeks. Fortinet recommends removing access to the vulnerable fgfmd daemon as a mitigation measure. ### Meeting Takeaways: 1. **Critical Vulnerability … Read more

CYRISMA Secures $7M Growth Equity Financing led by Blueprint Equity

October 9, 2024 at 05:36PM CYRISMA, a risk management platform, announced Series A funding led by Blueprint Equity, with participation from SaaS Venture and Golden Ventures. The investment will enhance platform development, expand sales, and support Managed Service Providers (MSPs) in managing cybersecurity risks effectively. Blueprint Equity’s Sheldon Lewis will join CYRISMA’s Board. **Meeting Takeaways: … Read more

3 More Ivanti Cloud Vulns Exploited in the Wild

October 9, 2024 at 03:06PM Ivanti has alerted customers to three new vulnerabilities in its Cloud Services Appliance (CVA) that are currently being exploited, alongside a previously disclosed zero-day vulnerability. The company advises users to review administrative access and EDR alerts, and recommends migrating to CSA version 5.0 if compromised. ### Meeting Takeaways: 1. **New … Read more

Palo Alto Networks warns of firewall hijack bugs with public exploit

October 9, 2024 at 03:03PM Palo Alto Networks urged customers to patch critical vulnerabilities in its Expedition solution, which could allow attackers to hijack PAN-OS firewalls and access sensitive data. The flaws involve command injection, XSS, and SQL injection, with proof-of-concept exploits available. Users should upgrade to Expedition 1.2.96 and rotate credentials. ### Meeting Takeaways … Read more

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

October 9, 2024 at 11:43AM Multiple security vulnerabilities in the Manufacturing Message Specification (MMS) protocol pose risks for industrial environments, potentially enabling device crashes and remote code execution. Key libraries affected were patched in 2022, but gaps in security for modern technology versus outdated protocols persist. Additional vulnerabilities in other systems were also reported. ### … Read more

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

October 9, 2024 at 03:27AM Microsoft has issued security updates for 118 vulnerabilities, including two under active exploitation. Key vulnerabilities include CVE-2024-43572 and CVE-2024-43573, both related to remote code execution and spoofing. The U.S. CISA has added these to its catalog, mandating fixes by October 29, 2024. ### Meeting Takeaways – Microsoft Security Updates (Oct … Read more

Microsoft issues 117 patches – some for flaws already under attack

October 8, 2024 at 07:40PM Patch Tuesday released 117 Microsoft patches, addressing serious vulnerabilities including CVE-2024-43572, a high-risk flaw allowing unauthorized code execution, and CVE-2024-43573, a moderate spoofing issue. Adobe and SAP also issued numerous updates, with notable concerns in BusinessObjects and Apache Log4j related to their respective vulnerabilities. ### Meeting Takeaways **Patch Tuesday Overview … Read more

5 CVEs in Microsoft’s October Update to Patch Immediately

October 8, 2024 at 05:52PM Microsoft’s October security update addressed 117 vulnerabilities, ranking as the third largest release this year. Of these, two actively exploited flaws require immediate attention. One, CVE-2024-43573, is a spoofing vulnerability in MSHTML, while the other, CVE-2024-43572, is a remote code execution (RCE) flaw in Microsoft Management Console. Three publicly known … Read more

Qualcomm urges device makers to push patches after ‘targeted’ exploitation

October 8, 2024 at 05:35PM Qualcomm has released 20 patches for chipsets’ firmware, addressing critical vulnerabilities, including exploited flaws in DSP software. Notably, CVE-2024-43047 carries a CVSS severity rating of 7.8, exploited by nation-state attackers or surveillanceware vendors. The update is urged for affected devices, with specific impacts on Snapdragon models and FastConnect Wi-Fi/Bluetooth kit. … Read more

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications

October 7, 2024 at 05:57AM A critical security flaw (CVE-2024-47561) in Apache Avro Java SDK prior to 1.11.4 allows execution of arbitrary code, impacting large-scale data processing. Users are advised to upgrade to version 1.11.4 or 1.12.0. Vulnerability exists in deserializing input via Avro schema, affecting organizations mainly in the US. Mitigations include sanitizing schemas … Read more