InfoSec Weekly

October 8, 2023

Cisco Releases Urgent Security Patch in Emergency Responder Systems

Description

Cisco has issued crucial updates to rectify a severe security vulnerability in Emergency Responder. The flaw, identified as CVE-2023-20101 with a CVSS score of 9.8, stems from hardcoded credentials for the root account, typically intended for development purposes. This vulnerability enables remote, unauthenticated attackers to exploit the static credentials, potentially granting unauthorized access to the affected system. If successfully exploited, the attacker could gain entry and execute unrestricted commands as the root user, posing a significant security risk.

Infected Technology

• Cisco Emergency Responder Release 12.5(1)SU4 and 12.5(1)SU5

Source

https://thehackernews.com/2023/10/cisco-releases-urgent-patch-to-fix.html

Recommendation

• It’s highly recommended to update to the latest version to mitigate potential threats.

CVE ID

CVE-2023-20101


Beware: Apple Addresses Zero-Day Flaw Exploitation in iOS and iPadOS: What You Need to Know

Description

In a rapidly evolving digital landscape, Apple is once again at the forefront of security by rolling out essential updates to its iOS and iPadOS platforms. These updates come in response to the active exploitation of a zero-day vulnerability known as CVE-2023-42824, and they bring critical improvements to device security. CVE-2023-42824 represents a kernel vulnerability, potentially exploitable by a local attacker to escalate their privileges. While the exact nature of the attacks and the identity of the threat actors remain shrouded in mystery, it’s crucial to grasp that successful exploitation may require an attacker to have already gained initial access through alternative means. Apple has acted swiftly to address this vulnerability by releasing iOS 17.0.3 and iPadOS 17.0.3 updates. These updates include improved checks aimed at mitigating the threat posed by CVE-2023-42824. Apple’s commitment to user safety is further evident, as this marks the 17th zero-day flaw they have addressed in their software since the beginning of the year.

Infected Technology

• iPhone XS and later
• iPad Pro 12.9-inch 2nd generation and later
• iPad Pro 10.5-inch
• iPad Pro 11-inch 1st generation and later
• iPad Air 3rd generation and later
• iPad 6th generation and later
• iPad mini 5th generation and later

Source

https://thehackernews.com/2023/10/apple-rolls-out-security-patches-for.html

Recommendation

• It is imperative to install the latest iOS and iPadOS updates promptly. To do this, navigate to ‘Settings,’ then ‘General,’ and finally ‘Software Update.’ Ensure your device is running iOS 17.0.3 or iPadOS 17.0.3.

CVE ID

CVE-2023-42824


GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries

Description

A new Android banking trojan called GoldDigger has been discovered, targeting over 50 Vietnamese financial applications, with potential expansion into the wider APAC region and Spanish-speaking countries. Detected by Group-IB in August 2023, the malware has likely been active since June 2023. GoldDigger impersonates Vietnamese government portals and energy companies to request intrusive permissions, abusing Android’s accessibility services to extract personal information, steal banking credentials, intercept SMS messages, and enable various user actions. Victims are lured through fake websites, and a successful infection relies on the victim enabling the “Install from Unknown Sources” option. The malware poses a significant threat because its advanced protection mechanism makes it challenging to detect and analyze.

Infected Technology

• Vietnamese Financial Applications

Source

https://thehackernews.com/2023/10/golddigger-android-trojan-targets.html

Recommendation

• Download only the legitimate application.
• Scan the application before installing.
• Avoid downloading suspicious applications that ask for personal information or for permission to access your data.


Sony Data Breach via MOVEit Vulnerability Affects Thousands in US

Description

Sony Interactive Entertainment LLC (“SIE”) has acknowledged that the MOVEit vulnerability led to a data compromise at its company. Thousands of current and former workers in the United States, as well as their families, were impacted by the data leak.

In a data breach notice filed with the Office of the Maine Attorney General, Sony stated that the attackers gained unauthorized access to MOVEit servers and stole data that was being moved using the program.

The data breach took place between May 28 and May 30, 2023, and the information that was taken included “names and other personal identifiers combined with Social Security Numbers (SSNs).”

Infected Technology

• Sony

Source

https://www.hackread.com/sony-data-breach-moveit-vulnerability-us/

Recommendation

• A proactive approach to data security, coupled with a well-defined response plan, is the best defense against the ever-present threat of data breaches.


Zero-Day Vulnerabilities Discovered On Microsoft Open-Source Software

Description

Microsoft has taken action to address two high-severity zero-day vulnerabilities in open-source software used by several of its products, including Microsoft Edge, Microsoft Teams for Desktop, Skype for Desktop, and the WebP images extension. The vulnerabilities are CVE-2023-4863, a heap buffer overflow in libwebp that allows an out-of-bounds memory write via a crafted HTML page, and CVE-2023-5217, a heap buffer overflow in VP8 encoding in libvpx that leads to heap corruption via a crafted HTML page. They have been categorized with a severity score of 8.8 (High).

Infected Technology

• Microsoft Edge, Microsoft Teams for Desktop, Skype for Desktop, and WebP images extension.

Source

https://cybersecuritynews.com/microsoft-teams-edge-zero-days-vulnerabilities/

Recommendation

• Apply the provided security updates promptly to mitigate the risk of potential exploitation

CVE ID

CVE-2023-4863 and CVE-2023-5217


