| title | date | draft | logo |
|---|---|---|---|
October 8, 2023 |
2023-10-08 00:00:00 +0545 |
false |
images/infosec/default.png |
{{< toc >}}
Cisco has issued crucial updates to rectify a severe security vulnerability in Emergency Responder. The flaw, identified as CVE-2023-20101 with a CVSS score of 9.8, stems from hardcoded credentials for the root account, typically intended for development purposes. This vulnerability enables remote, unauthenticated attackers to exploit the static credentials, potentially granting unauthorized access to the affected system. If successfully exploited, the attacker could gain entry and execute unrestricted commands as the root user, posing a significant security risk.
• Cisco Emergency Responder Release 12.5(1)SU4 and 12.5(1)SU5
https://thehackernews.com/2023/10/cisco-releases-urgent-patch-to-fix.html
• It's highly recommended to update to the latest version to mitigate potential threats.
CVE-2023-20101
In a rapidly evolving digital landscape, Apple is once again at the forefront of security by rolling out essential updates to its iOS and iPadOS platforms. These updates come in response to the active exploitation of a zero-day vulnerability known as CVE-2023-42824, and they bring critical improvements to device security. CVE-2023-42824 represents a kernel vulnerability, potentially exploitable by a local attacker to escalate their privileges. While the exact nature of the attacks and the identity of the threat actors remain shrouded in mystery, it's crucial to grasp that successful exploitation may require an attacker to have already gained initial access through alternative means. Apple has acted swiftly to address this vulnerability by releasing iOS 17.0.3 and iPadOS 17.0.3 updates. These updates include improved checks aimed at mitigating the threat posed by CVE-2023-42824. Apple's commitment to user safety is further evident, as this marks the 17th zero-day flaw they have addressed in their software since the beginning of the year.
• iPhone XS and later • iPad Pro 12.9-inch 2nd generation and later • iPad Pro 10.5-inch • iPad Pro 11-inch 1st generation and later • iPad Air 3rd generation and later • iPad 6th generation and later • iPad mini 5th generation and later
https://thehackernews.com/2023/10/apple-rolls-out-security-patches-for.html
• It is imperative to install the latest iOS and iPadOS updates promptly. To do this, navigate to 'Settings,' then 'General,' and finally 'Software Update.' Ensure your device is running iOS 17.0.3 or iPadOS 17.0.3.
CVE-2023-42824
A new Android banking trojan called GoldDigger has been discovered, targeting over 50 Vietnamese financial applications, with potential expansion into the wider APAC region and Spanish-speaking countries. Detected by Group-IB in August 2023, the malware has likely been active since June 2023. GoldDigger impersonates Vietnamese government portals and energy companies to request intrusive permissions, abusing Android's accessibility services to extract personal information, steal banking credentials, intercept SMS messages, and enable various user actions. Victims are lured through fake websites, and the malware's success relies on enabling the "Install from Unknown Sources" option, posing a significant threat due to its advanced protection mechanism, making it challenging to detect and analyze.
• Vietnamese Financial Applications
https://thehackernews.com/2023/10/golddigger-android-trojan-targets.html
• Download only the legitimate application. • Scan the application before installing • Avoid downloading suspicious application that asks for personal info and asks for permission to get access to your data
Sony Interactive Entertainment LLC ("SIE") has acknowledged that the MOVEit vulnerability led to a data compromise at its company. Thousands of current and former workers in the United States, as well as their families, were impacted by the data leak.
Sony stated that the attackers were able to have unauthorized access to MOVEit servers and steal data that was being moved using the program in a data breach notice filed with the Office of the Maine Attorney General.
Between May 28 and May 30, 2023, there was a data breach, and the information that was taken included "names and other personal identifiers combined with Social Security Numbers (SSNs)."
• Sony
https://www.hackread.com/sony-data-breach-moveit-vulnerability-us/
• A proactive approach to data security, coupled with a well-defined response plan, is the best defense against the ever-present threat of data breaches.
Microsoft has taken action to address two high-severity zero-day vulnerabilities affecting various open-source software, including Microsoft Edge, Microsoft Teams for Desktop, Skype for Desktop, and the WebP images extension. These vulnerabilities, previously identified with the CVE IDs CVE-2023-4863; a heap buffer overflow vulnerability in libwebp, allowing out-of-bounds memory to write via a crafted HTML page and CVE-2023-5217; A heap buffer overflow vulnerability in vp8 encoding in libvpx, leading to heap corruption via a crafted HTML page, have been categorized with a severity score of 8.8 (High).
• Microsoft Edge, Microsoft Teams for Desktop, Skype for Desktop, and WebP images extension.
https://cybersecuritynews.com/microsoft-teams-edge-zero-days-vulnerabilities/
• Apply the provided security updates promptly to mitigate the risk of potential exploitation
CVE-2023-4863 and CVE-2023-5217