2023, Firmware and Security Defenses - Cyber Security Informer

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

30, 2023 NGINX Ingress Controller for Kubernetes Flaws Can Lead to Credential Theft Type of Attack: Path sanitization bypass and injection vulnerabilities discovered in the NGINX Ingress controller can allow for credential theft, arbitrary command execution, and critical data access. CVE-2023-5044 (Code Injection): This CVSS score 7.6

Software

Software Education Ransomware Firmware

Barracuda SecureEdge SASE Review 2023

eSecurity Planet

SEPTEMBER 22, 2023

These one, three, and five year subscriptions provide enhanced support for the hardware, firmware maintenance, security updates, and optional participation in early-release firmware updates. Subscribe The post Barracuda SecureEdge SASE Review 2023 appeared first on eSecurity Planet. You can unsubscribe at any time.

Firewall

Firewall Marketing Firmware Technology

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

eSecurity Planet

FEBRUARY 2, 2024

Teslas Get the Spotlight in Recent Ethical Hacking Efforts Researchers have discovered multiple vulnerabilities within Teslas since March 2023. Rapid7’s Zero Day Initiative hosts an event called Pwn2Own, and at the 2023 event, computer security firm Synactiv hacked a Tesla computer within two minutes.

Hacking

Hacking IoT Firmware Cybersecurity

VulnRecap 1/16/24 – Major Firewall Issues Persist

eSecurity Planet

JANUARY 16, 2024

The vulnerability can be tracked as CVE-2023-29357. January 11, 2024 Smart Thermostat from Bosch Puts Offices in Danger Type of vulnerability: Malicious commands sent from an attacker to the thermostat, including potentially replacing firmware with rogue code. The report didn’t become publicly available until January 11.

Firewall

Firewall Firmware IoT Authentication

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

eSecurity Planet

SEPTEMBER 9, 2024

September 2, 2024 RansomHub Exploits Multiple Vulnerabilities to Attack Critical Sectors Type of vulnerability: Multiple security flaws from major organizations. ” To reduce risks, replace unsupported equipment, apply available firmware updates, and keep an accurate IT asset inventory. or later to fix the vulnerability.

Firmware

Firmware Backups Firewall Risk

The source code of the BlackLotus UEFI Bootkit was leaked on GitHub

Security Affairs

JULY 14, 2023

Researchers from ESET discovered in March a new stealthy Unified Extensible Firmware Interface ( UEFI ) bootkit, named BlackLotus , that is able to bypass Secure Boot on Windows 11. Secure Boot is a security feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1 ” explained Matrosov.

Firmware

Firmware Malware Hacking CISO

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

eSecurity Planet

JANUARY 22, 2024

The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities. CVE-2023-6548 is a remote code execution vulnerability for an authenticated user, and CVE-2023-6549 is a denial-of-service vulnerability. EPMM versions 11.10, 11.9

Authentication

Authentication Malware VPN Mobile

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. The fix: Patch or isolated vulnerable Windows systems.

IoT

IoT Internet Internet Ransomware

Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge

eSecurity Planet

AUGUST 13, 2024

If exploited, the vulnerability would allow a threat actor to execute their own code within the processor’s firmware using System Management Mode (SMM). The vulnerability is tracked as CVE-2023-31315 and has a CVSS score of 7.5. This can happen even when SMM is locked.

Firmware

Firmware Software Wireless Security Defenses

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Vulnerability Recap 8/13/24 – Old Vulnerabilities Unexpectedly Emerge

eSecurity Planet

AUGUST 13, 2024

If exploited, the vulnerability would allow a threat actor to execute their own code within the processor’s firmware using System Management Mode (SMM). The vulnerability is tracked as CVE-2023-31315 and has a CVSS score of 7.5. This can happen even when SMM is locked.

Firmware

Firmware Software Wireless Security Defenses

Vulnerability Recap 7/8/24 – Intel, Cisco & More Face Risks

eSecurity Planet

JULY 8, 2024

To protect your network devices from potential risks, apply patches on a regular basis and keep their firmware up to date. The fix: CocoaPods fixed these flaws and reset all user sessions since October 2023. CVE-2023-2071 exploits insufficient input validation to upload and load malicious DLLs, resulting in remote code execution.

Risk

Risk Authentication Firmware Surveillance

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

eSecurity Planet

SEPTEMBER 2, 2024

The fix: Upgrade to SonicWall’s firmware updates for Gen 5 (to version 5.9.2.14-13o), Threat actors exploited this weakness to incorporate devices into botnets, affecting devices running firmware versions up to FullImg-1023-1007-1011-1009. 13o), Gen 6 (to version 6.5.4.15.116n), and Gen 7 (to any version above 7.0.1-5035).

Risk

Risk Firewall Firmware Engineering

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

JUNE 10, 2024

Timothy Hjort discovered these vulnerabilities , which allow the execution of OS commands and the uploading of malicious files, compromising the security of affected devices. The fix: Zyxel issued firmware patches 5.21(AAZF.17)C0 17)C0 for NAS326 and 5.21(ABAG.14)C0 Users should apply these updates right away to protect their devices.

Malware

Malware Authentication Software Telecommunications

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

Immediately update your QNAP devices to the most recent firmware to mitigate these issues. GitLab also patched six medium-severity vulnerabilities, including CSRF via Kubernetes Agent Server, ( CVE-2023-7045 ) and DoS ( CVE-2024-2874 ). Check for future updates and be cautious while sharing download links to avoid exploitation.

Backups

Backups Authentication DDOS Engineering

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

This feature can be included in firmware, in operating systems, or as a feature in open-source, shareware, or commercial applications. Full-disk encryption protects against the theft of the device or hard drive when they are powered down by rendering the contents of the device unreadable without the security key.

Encryption

Encryption Passwords Authentication Password Management

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

Network security is another big theme this week: Whether it’s a VPN connection or an enterprise-grade networking platform, patch management solutions typically won’t update network devices, so admins may need to keep an eye on any flaws there too. The fix: ASUS released firmware updates to address the vulnerabilities.

VPN

VPN Authentication Firmware Phishing

Cyber Security Informer

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

Barracuda SecureEdge SASE Review 2023

Trending Sources

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

VulnRecap 1/16/24 – Major Firewall Issues Persist

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

The source code of the BlackLotus UEFI Bootkit was leaked on GitHub

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Vulnerability Recap 8/13/24 – Old Vulnerabilities Unexpectedly Emerge

Vulnerability Recap 7/8/24 – Intel, Cisco & More Face Risks

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

Types of Encryption, Methods & Use Cases

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

Stay Connected