Microsoft has rated the previously exploited CVE-2022-37969 as high severity, so now might be a good time to patch. (264 words) What: New technical details and proof-of-concept code have become available…
Category: Breaches
More than 29K Fortinet systems in the US have admin login screens exposed to the Internet—and two other updates on CVE-2022-40684
Here’s the latest on the authentication bypass flaw (CVE-2022-40684) in FortiOS, FortiProxy, and FortiSwitchManager [300 words] As of October 13, 2022, there were 24,924 servers in the US and 196,668 units globally,…
Multiple APTs Exploiting Zimbra Vulnerability CVE-2022-41352
Patch or mitigate now [300 words] What: Organizations using Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 should immediately update to Zimbra 9.0.0 P27 released on October 10. Those that cannot should implement…
Microsoft looking into reports of a third Exchange Server zero-day?
Security vendor that discovered bug recommends organizations limit IIS app operating privileges on Exchange Server [297 words] What: Microsoft apparently is looking into a report it received from South Korean cybersecurity vendor…
Update: Attackers actively exploiting recently disclosed authentication bypass vulnerability in FortiOS, FortiProxy and FortiSwitchManager
Key takeaway: Adversaries can exploit the vulnerability remotely to gain full control of affected systems. [297 words] What: Attackers have begun actively exploiting a critical authentication bypass vulnerability (CVE-2022-40684) that Fortinet privately…
GLPI warns of massive exploit activity targeting one of two critical flaws disclosed in Sept.
Key takeaway: Update now to the latest versions of the IT asset management software. If you can’t, implement GLPI’s recommended mitigation. Attackers are targeting the flaw to execute arbitrary code on insecure servers…
Pro-Russian group urges supporters to launch DDoS attacks against US civilian infrastructure
Key takeaway: Killnet briefly disrupted several US airport websites in DDoS attacks that could well be a precursor of more to come in the next few days. Airport websites in two dozen states,…
Federal jury finds former Uber CISO guilty on criminal charges related to 2016 breach
Key takeaway: Don’t attempt to conceal a data breach. [293 words] What: A federal jury in California has convicted former Uber CISO Joseph Sullivan for attempting to conceal a 2016 data breach…
Attackers Demonstrate Novel Way to Compromise ESXi Hypervisors
Key takeaway: Don’t allow vSphere Installation Bundles (VIBs) to become a vehicle for sneaking malware into your environment. (276 words) What happened: A China-based threat actor installed multiple backdoors on ESXi hypervisors…