December 15, 2023 at 08:36AM Zoom unveiled an open source Vulnerability Impact Scoring System (VISS) to help organizations assess and prioritize vulnerabilities based on actual exploitation. The system, designed to complement the Common Vulnerability Scoring System, led to increased reports of critical vulnerabilities during testing and analyzes vulnerabilities based on 13 impact aspects. It remains … Read more
December 14, 2023 at 02:18AM From September 2023, hacker group GambleForce conducted SQL injection attacks in APAC, targeting 24 organizations in gambling, government, retail, and travel sectors. They used tools like dirsearch, sqlmap, and Cobalt Strike, and exploited a Joomla CMS flaw. Group-IB discovered and took down the group’s C2 server and notified the victims. … Read more
December 12, 2023 at 02:06PM SAP announced 15 new and two updated security notes in its December 2023 Security Patch Day. This includes ‘hot news’ notes addressing vulnerabilities in SAP Business Technology Platform, Business Client, and OS command injection flaws in SAP ECC and SAP S/4HANA. Various other high and medium-priority issues were also resolved. … Read more
December 8, 2023 at 12:20PM Insider threats using privilege escalation flaws are on the rise, with 55% of incidents relying on privilege escalation exploits and 45% introducing risks through downloading risky tools. Crowdstrike reports that insider attacks cost an average of $648,000 for malicious and $485,000 for non-malicious incidents. Additionally, introducing flaws into networks increases … Read more
December 6, 2023 at 09:52AM CISA removed CVE-2022-28958, a supposed critical flaw in a D-Link router, from its Known Exploited Vulnerability catalog after a review revealed it was not a real vulnerability. VulnCheck debunked the issue, originally believed to allow remote code execution. The flaw was included due to an invalid proof of concept but … Read more
December 6, 2023 at 06:54AM Twenty-one security flaws dubbed Sierra:21 affect over 86,000 Sierra Wireless AirLink routers, risking credential theft, device control, and botnet use in sectors like energy and healthcare. Fixes have been released for some components, but TinyXML remains unpatched. The vulnerabilities threaten critical infrastructure with various cyber threats. ### Meeting Takeaways: Cyber … Read more
December 6, 2023 at 06:00AM CISA warns of a high-severity Adobe ColdFusion vulnerability (CVE-2023-26360) being actively exploited, affecting outdated versions of the software. Attackers used it for unauthorized access and code execution on government servers, installing malware, and conducting reconnaissance. Updated ColdFusion versions have fixed the flaw. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure … Read more
December 6, 2023 at 02:48AM Forescout discovered 21 vulnerabilities in Sierra Wireless AirLink routers and OpenNDS, TinyXML components, threatening critical infrastructures with attacks like remote code execution and unauthorized access. Notably, over 86,000 exposed routers online are at risk, largely in the U.S. Patching with ALEOS version 4.17.0 and implementing security measures are recommended. Meeting … Read more
December 5, 2023 at 12:47PM CISA reported two server breaches at a federal agency due to an unpatched Adobe ColdFusion flaw (CVE-2023-26360). The attackers exploited the vulnerability for reconnaissance and malware deployment, but their further malicious activities were hindered. The incidents occurred months after agencies were ordered to patch the flaw, and the attackers’ identities … Read more
December 5, 2023 at 07:54AM The December 2023 Android security updates address 94 vulnerabilities, with fixes for multiple critical-severity issues. Takeaways from Meeting: 1. The latest Android security updates issued in December 2023 have addressed a total of 94 vulnerabilities. 2. Among these vulnerabilities, a number are categorized as having critical severity. 3. It is … Read more