2023 and Security Defenses - Cyber Security Informer

Weekly Vulnerability Recap – December 18, 2023 – JetBrains TeamCity Exploits Continue

eSecurity Planet

DECEMBER 18, 2023

Before your IT and security teams log off for the holidays, make sure to check for any outstanding updates or patches. December 11, 2023 Sonar Finds Three Vulnerabilities in Open-Source Firewall pfSense Type of vulnerability: Cross-site scripting and command injection. pfSense CE 2.7.0 and below and pfSense Plus 23.05.1 Versions 2.7.1

Backups

Backups Firewall Engineering Software

Microsoft’s December 2023 Patch Tuesday Includes Four Critical Flaws

eSecurity Planet

DECEMBER 14, 2023

Microsoft announced only one zero-day flaw this month: CVE-2023-20588 , which is found in AMD processors. Four Critical Vulnerabilities Announced The first of the four critical flaws announced, CVE-2023-35628 , is a remote code execution vulnerability in the Windows MSHTML platform with a CVSS score of 8.1.

Antivirus

Antivirus Engineering Security Defenses Internet

October 2023 Patch Tuesday Includes Three Zero-Days Flaws

eSecurity Planet

OCTOBER 11, 2023

Microsoft’s Patch Tuesday for October 2023 covers a total of 103 CVEs, including three zero-day vulnerabilities affecting WordPad, Skype and the HTTP/2 “ Rapid Reset ” DDoS vulnerability. CVE-2023-41763 , an elevation of privilege vulnerability in Skype for Business with a CVSS score of 5.3

DDOS

DDOS Engineering Authentication Social Engineering

Weekly Vulnerability Recap – August 21, 2023 – When ACE Equals Bad

eSecurity Planet

AUGUST 21, 2023

Here’s a roundup of the week’s major vulnerabilities that security teams should mitigate or patch. A few small errors in the implementation of AES Encryption allows for unauthenticated ACE, and the security firm GreyNoise notes a significant spike in attackers trying to exploit this vulnerability.

Encryption

Encryption Security Defenses Cybersecurity Software

Weekly Vulnerability Recap – October 30, 2023 – Citrix & Cisco Haunted by Vulnerabilities

eSecurity Planet

OCTOBER 30, 2023

It can also be a challenge for security and IT pros even to know everything they own — a vulnerable device may have been forgotten — so asset management is an increasingly important part of vulnerability management. The problem: CVE-2023-20198 , with a highest-possible CVSS Score of 10.0, and CVE-2023-20273 with a CVSS Score of 7.2,

Authentication

Authentication Mobile Accountability Software

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

Network security is another big theme this week: Whether it’s a VPN connection or an enterprise-grade networking platform, patch management solutions typically won’t update network devices, so admins may need to keep an eye on any flaws there too. score of 9.8 out of 10.0, are format string vulnerabilities. 31 and updated Sept.

VPN

VPN Authentication Firmware Phishing

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

eSecurity Planet

SEPTEMBER 5, 2023

Collectively, these episodes highlight the need for comprehensive cybersecurity defenses and timely patch management for risk mitigation. CVE-2023-3519 was used by the attackers to infect computers, including misleading PowerShell scripts, malware payloads within normal processes, and PHP web shells for remote control. are affected.

VPN

VPN Authentication Ransomware Antivirus

Weekly Vulnerability Recap – October 2, 2023 – WS_FTP, Exim, Cisco and Other Exploited Vulnerabilities

eSecurity Planet

OCTOBER 2, 2023

September 29, 2023 Patch WS_FTP Now: 10 / 10 RCE Vulnerability Revealed Type of attack: Attackers can exploit unpatched vulnerabilities to perform remote code execution (RCE), directory traversal, cross-site scripting (XSS), SQL injection , cross-site request forgery (CSRF), and file enumeration attacks. RCE vulnerability CVE-2023-42117 = 8.1

DDOS

DDOS Encryption Software Ransomware

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

30, 2023 NGINX Ingress Controller for Kubernetes Flaws Can Lead to Credential Theft Type of Attack: Path sanitization bypass and injection vulnerabilities discovered in the NGINX Ingress controller can allow for credential theft, arbitrary command execution, and critical data access. CVE-2023-5044 (Code Injection): This CVSS score 7.6

Software

Software Education Ransomware Firmware

Weekly Vulnerability Recap – September 18, 2023 – Patch Tuesday Also For Adobe, Apple and More

eSecurity Planet

SEPTEMBER 18, 2023

This week, the following active exploits of vulnerabilities were announced: Iranian advanced persistent threat (APT) group exploits January 2023 vulnerabilities in Fortinet firewalls and ManageEngine software to perform remote code execution (RCE) on U.S. Read More: The 8 Best Vulnerability Scanner Tools for 2023 What is Patch Management?

Firewall

Firewall Security Defenses Risk Cybersecurity

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

eSecurity Planet

OCTOBER 9, 2023

The sheer number of security issues underscores the need for strong patch and vulnerability management — and for cyber resilience that goes deeper than common preventive measures. The problem: Arm has issued a security alert on CVE-2023-4211 , an actively exploited vulnerability in its Mali GPU drivers.

Architecture

Architecture Ransomware Software Accountability

Weekly Vulnerability Recap – October 23, 2023 – Cisco, SolarWinds Vulnerabilities Make News

eSecurity Planet

OCTOBER 23, 2023

See the Top Patch and Vulnerability Management tools October 16, 2023 Cisco vulnerability could affect over 40,000 pieces of networking equipment Type of attack: Zero-day vulnerability in IOS XE. and CVE-2023-20273 with a CVSS Score of 7.2. of Confluence Data Center and Confluence Server.

Passwords

Passwords Penetration Testing Accountability Software

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

We’ve compiled some recently active vulnerabilities — both old and new — for security teams to monitor, mitigate, patch, or even remove from your infrastructure altogether. August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform.

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

We’ve compiled some recently active vulnerabilities — both old and new — for security teams to monitor, mitigate, patch, or even remove from your infrastructure altogether. August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform.

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – Sept. 25, 2023 – Flaws in Apple Devices, DevOps Tools and More

eSecurity Planet

SEPTEMBER 25, 2023

Read about the following vulnerabilities and bugs to know what your business and security team should address, as these flaws and attacks can apply to startups and large enterprises alike. An attacker can use policies for scheduled security scans to run a pipeline in GitLab, posing as another user. severity rating.

Ransomware

Ransomware Antivirus Penetration Testing Telecommunications

Weekly Vulnerability Recap – October 16, 2023 – DDoS, Microsoft, Apple & Linux Lead a Busy Week

eSecurity Planet

OCTOBER 16, 2023

See also: Top Patch and Vulnerability Management tools October 9, 2023 D-Link WiFi range extender susceptible to command injection attacks Type of attack: The vulnerability is a combination of a Denial of Service (DoS) attack and a Remote Command Injection attack.

DDOS

DDOS Software Cybersecurity Manufacturing

Weekly Vulnerability Recap – August 14, 2023 – Old or New, Vulnerabilities Need Management

eSecurity Planet

AUGUST 14, 2023

Here’s a roundup of the week’s major vulnerabilities that security teams should mitigate or patch. August 12 , 2023 Ford Auto’s TI Wi-Fi Vulnerability The Internet of Things (IoT) continues to expand and become a threat to connected businesses. Adobe also updated their Commerce and Dimension software.

Software

Software Malware Internet Internet

Cisco+ Secure Connect SASE Review & Features 2023

eSecurity Planet

SEPTEMBER 26, 2023

Cisco+ Secure Connect Platform Cisco+ Secure Connect strives to provide a turnkey SASE solution for a variety of needs. Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

Firewall

Firewall DNS Architecture Technology

Cato SASE Cloud Review & Features 2023

eSecurity Planet

SEPTEMBER 26, 2023

Cato SASE Cloud Cato SASE Cloud provides a cloud-native solution for SASE that is fast to deploy, simple to manage, and capable of improving security and performance. Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

Firewall

Firewall VPN Malware Internet

5 Main Ransomware Attack Vectors in 2023

Spinone

JANUARY 17, 2023

It quietly makes its way past your security defenses into the heart of your data and keeps it hostage until you pay a ransom. Learn the key ransomware attack vectors in the […] The post 5 Main Ransomware Attack Vectors in 2023 first appeared on SpinOne.

Ransomware

Ransomware Security Defenses

Versa Unified SASE Review & Features 2023

eSecurity Planet

SEPTEMBER 26, 2023

The platform, previously called Versa Secure Access or Versa Secure Access Fabric, connects to both cloud and local resources with ease. Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

Firewall

Firewall Software Internet Internet

Barracuda SecureEdge SASE Review 2023

eSecurity Planet

SEPTEMBER 22, 2023

Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Subscribe The post Barracuda SecureEdge SASE Review 2023 appeared first on eSecurity Planet. You can unsubscribe at any time.

Firewall

Firewall Marketing Firmware Technology

Cloudflare One SASE Review & Features 2023

eSecurity Planet

SEPTEMBER 25, 2023

Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Subscribe The post Cloudflare One SASE Review & Features 2023 appeared first on eSecurity Planet. You can unsubscribe at any time.

DNS

DNS DDOS IoT Firewall

MITRE ATT&CK Evaluations 2023: Palo Alto, Microsoft, CrowdStrike & Cybereason Lead the Way

eSecurity Planet

SEPTEMBER 22, 2023

MITRE Engenuity has released its 2023 ATT&CK evaluations, examining how top cybersecurity vendors detect and prevent sophisticated cyberthreats. Subscribe The post MITRE ATT&CK Evaluations 2023: Palo Alto, Microsoft, CrowdStrike & Cybereason Lead the Way appeared first on eSecurity Planet. You can unsubscribe at any time.

Cybersecurity

Cybersecurity Security Defenses Marketing Technology

7 Best Penetration Testing Service Providers in 2023

eSecurity Planet

OCTOBER 13, 2023

Subscribe The post 7 Best Penetration Testing Service Providers in 2023 appeared first on eSecurity Planet. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.

Penetration Testing

Penetration Testing Social Engineering Software Cyber Attacks

7 Best Email Security Software & Tools in 2023

eSecurity Planet

OCTOBER 6, 2023

Spear Phishing Prevention: 10 Ways to Protect Your Organization Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. You can unsubscribe at any time.

Software

Software Phishing Mobile Threat Detection

6 Best IT Asset Management (ITAM) Software 2023

eSecurity Planet

AUGUST 23, 2023

23, 2023 Read next: Vulnerability Patching: How to Prioritize and Apply Patches Is the Answer to Vulnerabilities Patch Management as a Service? Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

Software

Software Mobile IoT Antivirus

Palo Alto Prisma SASE Review & Features 2023

eSecurity Planet

SEPTEMBER 26, 2023

Prisma SASE Palo Alto’s Prisma SASE solution is the only company recognized as a Leader in Gartner’s 2023 Magic Quadrant for Single-Vendor SASE. Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

Artificial Intelligence

Artificial Intelligence Marketing DNS IoT

5 Main Ransomware Attack Vectors in 2023

Spinone

DECEMBER 17, 2019

It quietly makes its way past your security defenses into the heart of your data and keeps it hostage until you pay a ransom. Learn the key ransomware attack vectors in the […] The post 5 Main Ransomware Attack Vectors in 2023 first appeared on SpinOne.

Ransomware

Ransomware Security Defenses

6 Best Threat Intelligence Feeds to Use in 2023

eSecurity Planet

AUGUST 10, 2023

Read next: Network Protection: How to Secure a Network Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. You can unsubscribe at any time.

Internet

Internet Internet Cybersecurity Malware

Microsoft Patch Tuesday Includes Word, Streaming Service Zero-Days

eSecurity Planet

SEPTEMBER 13, 2023

Microsoft’s Patch Tuesday for September 2023 includes 59 vulnerabilities, five of them rated critical and two currently being exploited in the wild. The two vulnerabilities currently being exploited are CVE-2023-36761 , an information disclosure flaw in Microsoft Word with a CVSS score of 6.2;

Engineering

Engineering Security Defenses Risk Media

VulnRecap 1/8/24 – Ivanti EPM & Attacks on Old Apache Vulnerabilities

eSecurity Planet

JANUARY 8, 2024

and older of the Perl Spreadsheet::ParseExcel library ( CVE-2023-7101 ) contain a RCE vulnerability exploited by Chinese hackers, as noted on December 24th. Chrome web browsers experience heap buffer overflow ( CVE-2023-7024 ) in the WebRTC real-time communication coding that can crash chrome or allow for code execution. Versions 0.65

Encryption

Encryption Security Defenses Cybersecurity Internet

Weekly Vulnerability Recap – January 2, 2024 – Barracuda ESG, Apache OfBiz Vulnerabilities Persist

eSecurity Planet

JANUARY 2, 2024

Google announced an update to the desktop stable channel to 120.0.6099.129 on December 20, 2023, which was expected to roll out over the coming days and weeks. The fix: Barracuda deployed a patch on December 22, 2023, to fix the exploited ESG appliances. The fix: Access to fix data is currently limited.

Authentication

Authentication Software Engineering Security Defenses

Patch Tuesday Targets 74 Flaws, Including Microsoft Teams, Office

eSecurity Planet

AUGUST 9, 2023

Microsoft’s Patch Tuesday for August 2023 addresses 74 vulnerabilities, six of them critical. The six critical vulnerabilities discussed in the release note are as follows: CVE-2023-29328 and CVE-2023-29330 , a pair of remote code execution flaws in Microsoft Teams with a CVSS score of 8.8 exe and hvciscan_arm64.exe),

VPN

VPN Security Defenses Cybersecurity Engineering

Power Management Vulnerabilities Could Shut Down Data Centers: Researchers

eSecurity Planet

AUGUST 12, 2023

Trellix researchers are disclosing a number of critical data center power management platform vulnerabilities at DEFCON 2023 today. Here are the vulnerabilities they discovered, including their CVEs, CVSS scores, and a brief description of each: CyberPower DCIM: CVE-2023-3264: Use of Hard-coded Credentials (CVSS 6.7)

Authentication

Authentication Spyware DDOS Cybersecurity

RansomHub ransomware gang relies on Kaspersky TDSKiller tool to disable EDR

Security Affairs

SEPTEMBER 11, 2024

. “ RansomHub used TDSSKiller with the -dcsvc flag to try disabling critical security services, specifically targeting Malwarebytes Anti-Malware Service (MBAMService). The command aimed to disrupt security defenses by disabling this service. appeared in the threat landscape in May 2023.

Ransomware

Ransomware Malware Security Defenses Hacking

VulnRecap 2/5/24 – Azure, Apple, Ivanti, & Mastodon at Risk

eSecurity Planet

FEBRUARY 5, 2024

The Known Exploited Vulnerabilities list also added the previously disclosed issues CVE-2023-36846 and CVE-2023-36851 , emphasizing the importance of immediate fix. The fix: Microsoft already issued a fix in October 2023 to address this vulnerability. Both affect J-Web and all Junos OS versions. This gets a severity score of 7.3

Risk

Risk Penetration Testing Authentication Software

VulnRecap 1/29/24 – Apple, Apache & VMware Under Attack

eSecurity Planet

JANUARY 29, 2024

The problem: Mandiant revealed possible 2021 exploitation by Chinese espionage attackers for CVE-2023-34048, an out-of-bounds weakness in protocol implementation first publicly reported in October 2023. The fix: Deploy the Apache security upgrades available since November 2023.

Software

Software Authentication CSO Accountability

Vulnerability Recap 4/29/24 – Cisco, Microsoft, Palo Alto & More

eSecurity Planet

APRIL 29, 2024

An old Microsoft Windows spooler flaw is added to the CISA KEV list, and the Cactus Ransomware gang currently pursues unfixed Qlik Sense servers with a vulnerability patched in September 2023. Only after additional testing in May 2023 did Brocade accept the vulnerabilities existed, but did not issue patches until December 2023.

Firewall

Firewall Software Ransomware Penetration Testing

VulnRecap 2/12/24: Ivanti, JetBrains, Fortinet, Linux Issues

eSecurity Planet

FEBRUARY 12, 2024

This code exists in all software that uses Secure Boot, like SUSE, Red Hat, and Debian. The RCE vulnerability is tracked as CVE-2023-40547 and has a severity rating of 8.3. Orca Security published a blog post about the vulnerabilities — its researchers discovered and reported the issues in Fall 2023, and Microsoft quickly patched them.

VPN

VPN Authentication Software Firewall

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

CVE-2023-6317 allows for the bypass of permission procedures, enabling unauthorized users to be added. CVE-2023-6318 permits privilege escalation to get root access. CVE-2023-6319 enables the execution of arbitrary commands via music lyrics display.

Firewall

Firewall VPN Software Risk

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

eSecurity Planet

JANUARY 22, 2024

CVE-2023-6548 is a remote code execution vulnerability for an authenticated user, and CVE-2023-6549 is a denial-of-service vulnerability. To exploit CVE-2023-6548, an attacker must have access to NSIP, CLIP, or SNIP and also have management interface access. There’s evidence that it’s been exploited in the wild.

Authentication

Authentication Malware VPN Mobile

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

eSecurity Planet

SEPTEMBER 9, 2024

September 2, 2024 RansomHub Exploits Multiple Vulnerabilities to Attack Critical Sectors Type of vulnerability: Multiple security flaws from major organizations. The attackers encrypted and stole data from 210 victims in major businesses, threatening data leaks if ransoms weren’t paid.

Firmware

Firmware Backups Firewall Risk

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

eSecurity Planet

FEBRUARY 2, 2024

Teslas Get the Spotlight in Recent Ethical Hacking Efforts Researchers have discovered multiple vulnerabilities within Teslas since March 2023. Rapid7’s Zero Day Initiative hosts an event called Pwn2Own, and at the 2023 event, computer security firm Synactiv hacked a Tesla computer within two minutes.

Hacking

Hacking IoT Firmware Cybersecurity

Weekly Vulnerability Recap – December 18, 2023 – JetBrains TeamCity Exploits Continue

Microsoft’s December 2023 Patch Tuesday Includes Four Critical Flaws

Trending Sources

October 2023 Patch Tuesday Includes Three Zero-Days Flaws

Weekly Vulnerability Recap – August 21, 2023 – When ACE Equals Bad

Weekly Vulnerability Recap – October 30, 2023 – Citrix & Cisco Haunted by Vulnerabilities

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

Weekly Vulnerability Recap – October 2, 2023 – WS_FTP, Exim, Cisco and Other Exploited Vulnerabilities

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

Weekly Vulnerability Recap – September 18, 2023 – Patch Tuesday Also For Adobe, Apple and More

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

Weekly Vulnerability Recap – October 23, 2023 – Cisco, SolarWinds Vulnerabilities Make News

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – Sept. 25, 2023 – Flaws in Apple Devices, DevOps Tools and More

Weekly Vulnerability Recap – October 16, 2023 – DDoS, Microsoft, Apple & Linux Lead a Busy Week

Weekly Vulnerability Recap – August 14, 2023 – Old or New, Vulnerabilities Need Management

Cisco+ Secure Connect SASE Review & Features 2023

Cato SASE Cloud Review & Features 2023

5 Main Ransomware Attack Vectors in 2023

Versa Unified SASE Review & Features 2023

Barracuda SecureEdge SASE Review 2023

Cloudflare One SASE Review & Features 2023

MITRE ATT&CK Evaluations 2023: Palo Alto, Microsoft, CrowdStrike & Cybereason Lead the Way

7 Best Penetration Testing Service Providers in 2023

7 Best Email Security Software & Tools in 2023

6 Best IT Asset Management (ITAM) Software 2023

Palo Alto Prisma SASE Review & Features 2023

5 Main Ransomware Attack Vectors in 2023

6 Best Threat Intelligence Feeds to Use in 2023

Microsoft Patch Tuesday Includes Word, Streaming Service Zero-Days

VulnRecap 1/8/24 – Ivanti EPM & Attacks on Old Apache Vulnerabilities

Weekly Vulnerability Recap – January 2, 2024 – Barracuda ESG, Apache OfBiz Vulnerabilities Persist

Patch Tuesday Targets 74 Flaws, Including Microsoft Teams, Office

Power Management Vulnerabilities Could Shut Down Data Centers: Researchers

RansomHub ransomware gang relies on Kaspersky TDSKiller tool to disable EDR

VulnRecap 2/5/24 – Azure, Apple, Ivanti, & Mastodon at Risk

VulnRecap 1/29/24 – Apple, Apache & VMware Under Attack

Vulnerability Recap 4/29/24 – Cisco, Microsoft, Palo Alto & More

VulnRecap 2/12/24: Ivanti, JetBrains, Fortinet, Linux Issues

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

Stay Connected