InfoSec News 202307011
Top News
-
Microsoft finally fixes broken Surface Pro X laptop cameras
"Microsoft is finally rolling out a driver update to address a known issue causing built-in cameras on ARM-based Windows devices (including Surface Pro X laptops) to stop working.
Since May 23, numerous customers have encountered issues with cameras suddenly ceasing to function, as reported by many affected users.
When it acknowledged the bug, Redmond stated that the bug does not affect cameras connected via USB, even when connected to Windows devices impacted by this known issue.
The issue can now be resolved on affected devices by installing the updated camera driver, which will roll out via Windows Update in the coming weeks."
TLP1 : Green
-
VMware warns of exploit available for critical vRealize RCE bug
"VMware warned customers today that exploit code is now available for a critical vulnerability in the VMware Aria Operations for Logs analysis tool, which helps admins manage terabytes worth of app and infrastructure logs in large-scale environments.
The flaw (CVE-2023-20864) is a deserialization weakness patched in April, and it allows unauthenticated attackers to gain remote execution on unpatched appliances.
Successful exploitation enables threat actors to run arbitrary code as root following low-complexity attacks that don't require user interaction."
TLP1 : Green
-
Apple releases emergency update to fix zero-day exploited in attacks
"Apple has issued a new round of Rapid Security Response (RSR) updates to address a new zero-day bug exploited in attacks and impacting fully-patched iPhones, Macs, and iPads.
"Apple is aware of a report that this issue may have been actively exploited," the company says in iOS and macOS advisories when describing the CVE-2023-37450 vulnerability reported by an anonymous security researcher.
"This Rapid Security Response provides important security fixes and is recommended for all users," Apple warns on systems where the RSR patches are being delivered.
RSR patches have been introduced as compact updates designed to address security concerns on the iPhone, iPad, and Mac platforms, and they serve the purpose of resolving security issues that arise between major software updates, according to this support document."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Europe Signs Off on a New Privacy Pact That Allows People’s Data to Keep Flowing to US
"The European Union signed off Monday on a new agreement over the privacy of people’s personal information that gets pinged across the Atlantic, aiming to ease European concerns about electronic spying by American intelligence agencies.
The EU-U.S. Data Privacy Framework has an adequate level of protection for personal data, the EU’s executive commission said. That means it’s comparable to the 27-nation’s own stringent data protection standards, so companies can use it to move information from Europe to the United States without adding extra security."
TLP1 : Green
-
New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security
"Mozilla has announced that some add-ons may be blocked from running on certain sites as part of a new feature called Quarantined Domains.
"We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns," the company said in its Release Notes for Firefox 115.0 shipped last week.
The company said the openness afforded by the add-on ecosystem could be exploited by malicious actors to their advantage."
TLP1 : Green
-
A Cybersecurity Wish List Ahead of NATO Summit
"As tomorrow’s NATO Summit in Vilnius, Lithuania approaches, SecurityWeek questions what NATO should do about cybersecurity.
The Russia/Ukraine conflict offers an historic opportunity to NATO in strengthening and enlarging the military alliance. Finland has joined NATO, Sweden has applied to join NATO, and Ukraine wishes to join NATO. Such discussions will likely provide the main headlines coming from the 2023 NATO Summit taking place July 11-12.
But NATO has another opportunity to benefit from the war in Ukraine — a closer and more integrated cybersecurity program."
TLP1 : Green
-
Critical Infrastructure Services Firm Ventia Takes Systems Offline Due to Cyberattack
"Ventia provides long-term management, maintenance, and operations services for critical infrastructure organizations and for private entities across the defense, electricity and gas, environmental services, and water industries.
The company says it operates more than 400 sites in Australia and New Zealand, with a combined employee base of over 35,000.
In an incident notice on Saturday, the company announced that it decided to take some key systems offline in response to the incident, and that it had engaged with external experts and law enforcement to investigate it."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Razer investigates data breach claims, resets user sessions
"Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter.
Razer is a popular American-Singaporean tech firm focusing on gaming hardware, selling high-quality peripherals, powerful laptops, and apparel.
The company also sells services that give registered account holders access to extensive game collections, special in-game item offers, exclusive rewards, and more through its Razer Gold payment system.
Information about a potential data breach at the company emerged on Saturday, when someone posted on a hacker forum that they had stolen the source code, database, encryption keys, and backend access logins for Razer.com, the company's main website."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Experts released PoC exploit for Ubiquiti EdgeRouter flaw
"The CVE-2023-31998 flaw (CVSS v3 5.9) is a heap overflow issue impacting Ubiquiti EdgeRouters and AirCubes; an attacker can exploit it to potentially execute arbitrary code and interrupt UPnP service to a vulnerable device.
The flaw resides in the miniupnpd service and can be exploited by a LAN attacker.
The vulnerability affects EdgeRouters 2.0.9-hotfix.6 and earlier and AirCube firmware version 2.8.8 and earlier.
Vulnerability reporting firm SSD Secure Disclosure published technical details for the now-patched vulnerability; its experts have developed a proof of concept that was successfully tested against another Ubiquiti device, EdgeRouter-X, whose latest firmware suffers from the same vulnerability."
TLP1 : Green
-
Microsoft: Windows 11 21H2 reaching end of service in October
"Microsoft warned customers today that multiple editions of Windows 11, version 21H2, will reach the end-of-service (EOS) in three months, on October 10, 2023.
This applies to Windows 11 21H2 editions released in October 2021: Home, Pro, Pro Education, and Pro for Workstations.
"These editions will no longer receive security updates after October 10, 2023," Microsoft announced Monday.
"Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 11 to remain supported."
After the end-of-service date, Windows 10 21H2 devices running the above Home and Pro editions will no longer receive security and monthly quality updates with fixes and patches for newly discovered bugs and security issues."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Zero Trust Keeps Digital Attacks From Entering the Real World
"Around the world, critical infrastructure — including energy, transportation, and healthcare — is rapidly digitizing. Companies are connecting information technology (IT) and operational technology (OT) to increase operational efficiency and reduce costs. But converging these systems without also taking effective security measures creates unacceptable levels of risk. Organizations need to adopt and exercise an "assume breach" mindset, recognizing that breaches are inevitable, and policies need to be in place to stop a bad actor and limit their impact once they are in the system."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Deepfake Quantum AI Investment Scam Pops Up on Facebook
"Martin Lewis, a financial journalist and broadcaster, was recently seen promoting an investment scam on Facebook — though, in reality, the widely circulated advertisement was a deepfake video impersonation promoting a Quantum AI investment.
Lewis, who said he does not advertise or promote investments such as these, quickly took to social media to put things in order, debunking any assertion that he was behind such an ad."
TLP1 : Green
-
Amazon Prime Day Draws Out Cyber Scammers
"Amazon Prime Day runs from July 11-12, but scammers have already started to capitalize on the worldwide shopping event, which promises exclusive deals for a short time only.
In the days leading up to the Amazon Prime Day sale, cybersecurity experts are already warning they have seen an uptick in malicious activity aimed at both shoppers and retailers."
TLP1 : Green
-
Microsoft Edge's Bing AI sidebar will remember previous conversations
"Microsoft's Edge browser continues to enhance its 'Copilot experience' with the Bing AI-powered sidebar.
The feature offers various features, such as summarizing financial reports, comparing financials of different companies, and even aiding users in creating and editing content like LinkedIn posts. Its adaptive functionality understands the web page in use.
However, the Bing AI sidebar in Edge does not currently support the ability to recall previous conversations. Microsoft plans to address this issue by adding a memory feature, allowing Bing AI to remember and continue from where a user left off in a previous interaction."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.