Dozens of RCE Vulnerabilities Impact Milesight Industrial Router
#Milesight #IndustrialRouter #RCEVulnerabilities #Cybersecurity
Cisco Talos researchers warn of critical vulnerabilities in the Milesight UR32L industrial router that could lead to remote code execution.
#CiscoTalos #UR32LRouter #SecurityVulnerabilities #RemoteCodeExecution
The most severe vulnerability is a remote, pre-authentication stack-based buffer overflow in the router's HTTP server login functionality that allows remote command execution.
#BufferOverflow #HTTPServer #RouterLogin #RemoteCommandExecution
An authentication bypass in the MilesightVPN software could facilitate arbitrary code execution on the device, exploiting the router's vulnerabilities.
#MilesightVPN #AuthenticationBypass #ArbitraryCodeExecution
The vulnerabilities were reported to the vendor in February 2023, but no software update has been released to address them.
#VendorResponse #SoftwareUpdate #UnpatchedVulnerabilities
https://www.securityweek.com/dozens-of-rce-vulnerabilities-impact-milesight-industrial-router/
670 ICS Vulnerabilities Disclosed by CISA in First Half of 2023: Analysis
#CISA #ICS #vulnerabilities #cybersecurity #OT #securityadvisories #CVEs
Jericho Security raises $3 million in pre-seed funding for AI-powered phishing attack training. #Cybersecurity #AI #Phishing #Training #Funding
Microsoft Teams targeted in Midnight Blizzard phishing attacks. These attacks are highly targeted and employ credential theft phishing lures delivered through Microsoft Teams chats. Midnight Blizzard, previously known as Nobelium, exploits compromised Microsoft 365 tenants to create legitimate technical support entities. They send messages through Microsoft Teams to steal credentials by persuading users to approve multi-factor authentication prompts. Around 40 global organizations have been affected, including government, NGOs, IT services, technology, manufacturing, and media sectors. Microsoft is actively working to prevent the actor from using the domains and is notifying affected customers. #MicrosoftTeams #phishingattacks #socialengineering #credentialtheft #cybersecurity #MidnightBlizzard #Microsoft365
https://www.infosecurity-magazine.com/news/microsoft-teams-midnight-blizzard/
Summary:
Cisco Talos has published a list of vulnerabilities in small and home office (SOHO) and industrial wireless routers. Talos has worked closely with router vendors over the years to address security concerns and vulnerabilities. The advisory emphasizes the importance of implementing security principles and code quality during development. Additionally, it suggests employing memory-safe languages and clear user interaction boundaries. Users should also research devices before acquisition to ensure secure defaults.
Hashtags:
#RouterSecurity #Vulnerabilities #NetworkProtection #CodeQuality #UserSecurity #Cybersecurity
https://www.infosecurity-magazine.com/news/cisco-talos-soho-routers-post/
Hacktivist Collective "Mysterious Team Bangladesh" revealed - Threat intelligence experts shed light on the group's history, tactics, and targets. The group gained international recognition in 2022 after cyber raids against high-profile targets. Over 750 DDoS attacks and 70 website defacements were carried out within a year. The founder and leader of the group is a threat actor known as D4RK_TSN. The group is linked to other hacktivist groups, and its activities are triggered by geopolitical conflicts. Organizations need to take hacktivism seriously and adopt preventive measures. #MysteriousTeamBangladesh #Hacktivism #DDoSattacks #CyberSecurity
https://www.infosecurity-magazine.com/news/mysterious-team-bangladesh-revealed/
Hackers exploited a zero-day flaw in Salesforce email services, targeting Facebook in a phishing attack. #cybersecurity #emailsecurity #zeroday #phishing
Attackers bypassed the safeguard services of Salesforce by using sophisticated methods.
The phishing page used in the attack was hosted on the Facebook apps platform.
Salesforce's "Email-to-Case" feature was exploited by attackers to gain control of the username in generated email addresses.
The vulnerability has been resolved as of July 28, 2023, affecting all Salesforce services and instances. #vulnerabilityfix #Salesforce
Investigations are ongoing to determine why existing protections failed to stop the attacks. #investigationongoing #CyberSecurityNews
Chrome Security Update - 15 critical vulnerabilities fixed, over $60,000 rewarded. #ChromeSecurity #Vulnerabilities #BugBounty
Google releases security update for Chrome, including 17 fixes. #ChromeUpdate #SecurityFixes
High-severity vulnerabilities patched, including confusion in V8 issue and type confusion in V8. #HighSeverity #Vulnerabilities
Heap buffer overflow and out-of-bounds read and write vulnerabilities also patched. #HeapOverflow #OutOfBounds
Upgrade to the latest version of Chrome recommended for Mac, Linux, and Windows users. #UpgradeChrome
Guide on how to update Google Chrome. #ChromeUpdateGuide
https://cybersecuritynews.com/chrome-security-update-patch-now/
Midnight Blizzard, a Russian hacker group, is using compromised Microsoft 365 tenants to launch a social engineering attack. They create new domains that look like technical support entities and use Microsoft Teams messages to steal credentials. The campaign has affected fewer than 40 organizations, indicating espionage objectives. The attackers impersonate Microsoft Support to trick users into entering a code in the Microsoft Authenticator app, giving them access to the user's Microsoft 365 account. Microsoft has identified and provided instructions to the targeted customers. #cybersecuritynews #cybersecurity
Hundreds of Citrix endpoints compromised with webshells. Zero-day exploit enables webshells to be installed on around 600 Citrix servers. Germany, France, and Switzerland have the highest number of impacted IPs. Citrix patched the vulnerability CVE-2023-3519 but exploits have still been observed. Other vulnerabilities patched include CVE-2023-3466 and CVE-2023-3467. The Shadowserver Foundation alerted Citrix users to the campaign. Over 15,000 NetScaler ADC and NetScaler Gateway servers were at risk. The zero-day was originally exploited in an attack on a US critical infrastructure organization. Hashtags: #Citrix #Webshells #ZeroDay #Vulnerabilities
https://www.infosecurity-magazine.com/news/hundreds-citrix-compromised/
Members of an organized crime group that posed as PC sellers have been jailed for smuggling cocaine into the UK. The group imported over 100kg of cocaine and went to great lengths to hide their activities, including hiring an industrial unit and using fake company names. The group leader, Craig Gallagher, was sentenced to 24 years for drug offenses and attempting to broker the sale of firearms. Hashtags: #CocaineSmugglers #OrganizedCrime #PCSellers #Jailed
https://www.infosecurity-magazine.com/news/cocaine-smugglers-posed-pc-sellers/
1. Ivanti MobileIron API Access Flaw allows unauthorized access to sensitive information.
2. The vulnerability exists in MobileIron Core version 11.2.
3. MobileIron Core is a combination of MDM, MAM, and MCM.
4. An unauthenticated attacker can exploit the vulnerability to gain access to restricted functionalities.
5. MobileIron Core 11.2 versions are out of support and there will be no patches released.
6. Users are recommended to upgrade to the latest version of Ivanti Endpoint Manager Mobile.
7. Many product vulnerabilities are identified after the support period.
8. MobileIron Core versions below 11.8.1.0 had a zero-day vulnerability, which was quickly addressed.
9. CISA issued a warning about the exploitation of vulnerabilities in Ivanti EPMM.
10. Organizations should keep track of software versions and upgrade periodically to avoid exploitation.
Hashtags: #MobileIron #vulnerability #CyberSecurity #dataProtection #Ivanti #endpointManagement
https://cybersecuritynews.com/ivanti-mobileiron-api-access-flaw/
Salesforce Email Service Zero-Day Exploited in Phishing Campaign: Threat actors use a zero-day vulnerability in Salesforce's email service to conduct a phishing campaign. #Salesforce #phishingcampaign
https://www.securityweek.com/salesforce-email-service-zero-day-exploited-in-phishing-campaign/
Summary:
Google has awarded over $60,000 in bug bounties for three high-severity vulnerabilities in Chrome's V8 engine. The vulnerabilities have been patched with the Chrome 115 update.
Hashtags: #Google #vulnerabilities #bugbounties #ChromeUpdate
Ivanti zero-day exploited in Norwegian government attack since April. #Cybersecurity #ZeroDayAttack #NorwegianGovernment
Cybersecurity agencies warn about Ivanti EPMM vulnerabilities used in Norwegian attacks. #CybersecurityWarning #EPMMVulnerabilities
Unauthenticated hackers exploited Ivanti zero-day to compromise Norwegian government network. #ZeroDayExploit #NorwegianGovernmentAttack
Chained vulnerabilities in Ivanti EPMM allowed privileged access to systems. #ChainedVulnerabilities #EPMM
CISA and NCSC-NO concerned about widespread exploitation of Ivanti vulnerabilities. #CybersecurityConcerns #ExploitedVulnerabilities
US and Norwegian security agencies warn about combined exploits of Ivanti vulnerabilities in attacks. Ivanti patched two bugs, CVE-2023-35078 and CVE-2023-35081, with the latter enabling actors to gain privileged access and execute files. CISA advises patching both vulnerabilities by August 15 and August 21 respectively. MDM systems are attractive targets, and there is concern about widespread exploitation in government and private sector networks. #CISA #Ivanti #vulnerabilities #cybersecurity #exploits
https://www.infosecurity-magazine.com/news/cisa-in-new-warning-ivanti/
Malware-related cyber-threats in operational technology (OT) and Internet of Things (IoT) environments surged tenfold in the first half of the year. Denial-of-service (DoS) attacks and remote access trojans (RATs) were the most prevalent types of attacks. Distributed denial of service (DDoS) threats were the top threat in IoT networks. Trojans, malware, and ransomware were commonly detected alerts. Poor authentication and password hygiene were major security risks. The manufacturing, energy, healthcare, water, and wastewater sectors were the hardest hit. OT/IoT vulnerabilities remain high with 643 published during the period.
#Cybersecurity #OTsecurity #IoTsecurity #Malware #DoS #RAT #DDoS #Trojans #Ransomware #Authentication #PasswordHygiene
https://www.infosecurity-magazine.com/news/otiot-malware-surges-tenfold-six/
Russian cybersecurity executive, Nikita Kislitsin, is wanted by both Russia and the US for hacking charges. Kislitsin worked for Group-IB before it re-formed in Singapore as FACCT: Fight Against Cybercrime Technologies. The US accuses Kislitsin of hacking Formspring in 2012 and selling customer data. He was recently detained in Kazakhstan after requests for extradition from both countries. It is unclear if he will be tried if extradited, as Russia usually protects individuals who target unfriendly states. Kazakhstan's refusal to support Russia's military operation in Ukraine has caused tension. #RussianCybersecurity #HackingCharges #Extradition
https://www.infosecurity-magazine.com/news/russian-cybersecurity-exec-wanted/
Bugs With Impressive Names! Apple patches two zero-days, one for a second time. Cracked cryptosystem. Remembering dodgy PC/Mac ads. Apple ships Rapid Response spyware patch. TETRA radio system flaws. Don't rely on unverified data. Don't build backdoors. Zenbleed vulnerability in CPU performance. Data leaks through vector processing. #Apple #security #zero-day #cryptosystem #spyware #TETRA #CPU #vulnerability #dataleak #Zenbleed
https://nakedsecurity.sophos.com/2023/07/27/s3-ep145-bugs-with-impressive-names/
US Gov Rolls Out National Cyber Workforce, Education Strategy
#USGov #NationalCyberWorkforce #EducationStrategy
https://www.securityweek.com/us-gov-rolls-out-national-cyber-workforce-education-strategy/