1. Home
  2. Cybersecurity Events

Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

Google announces patch for a critical Android vulnerability, witholds details
published: Dec. 4, 2023
Google has identified a "critical security vulnerability" in Android (CVE-2023-40088) that enables remote code execution without extra privileges and plans to release a patch compatible with Android versions 11 to 14 in the next two days.
Take action: Don't delay your next Android phone update. It will carry important patches. Depending on the vendor you might wait for some weeks before the update is released for your phone.
Joomla! CMS releases patch for environment variable exposure flaw
published: Dec. 4, 2023
The Joomla! Project has released an update to address a vulnerability CVE-2023-40626 in versions 1.6.0-4.4.0 and 5.0.0. The flaw could allow attackers to access sensitive variables like database passwords. Joomla project is recommending an upgrade to versions 3.10.14-elts, 4.4.1, or 5.0.1.
Take action: The issue is not terrible but is unfortunate. Joomla has not listed exploit details but since the probability is ranked as low it means that the attacker needs to know the name of the environment variable beforehand to ask the proper exploit question. It's wise to patch, but not to rush immediately.
Critical Splunk Enterprise Vulnerability reported, PoC already available
published: Dec. 2, 2023
Splunk Enterprise faces a high-severity vulnerability (CVE-2023-46214) due to inadequate sanitization of user-supplied XSLT, affecting multiple versions and possibly leading to remote code execution, with mitigation steps including upgrading to safer versions or modifying the web.conf configuration file.
Take action: Because the attack requires authenticated credentials, the patching is not a panic mode. Communicate to all users of your Splunk system to be very careful with phishing attemtps and code they execute. Then proceed to patch the Splunk instance since it's not smart to keep a vulnerable system - someone will eventually be scammed into clicking an exploit.
VMware releases patch for critical Cloud Director authentication bypass
published: Dec. 1, 2023
VMware fixed a critical vulnerability (CVE-2023-34060) in Cloud Director Appliance 10.5, which allowed remote exploitation without user interaction and was unpatched for over two weeks. The patch is now available in version 10.5.1 and a temporary workaround was provided in the interim.
Take action: If you are using VMware Cloud Director that was updated to 10.5 from previous versions, it's time to patch the product to the latest version 10.5.1. Even if you applied the workaround, it's not smart to have a vulnerable system if you can easily patch it.
Apple releases emergency updates for two new WebKit vulnerabilities exploited by hackers
published: Nov. 30, 2023
Apple issued critical security updates for iOS, MacOS and Safari, to address two new zero-day vulnerabilities CVE-2023-42916 and CVE-2023-42917 in the WebKit browser engine on IPhone, Macs and iPads.
Take action: If you are using an Apple device, patch quickly. And be very careful about sites you visit in the meantime
Zyxel reports multiple critical vulnerabilities in their NAS devices
published: Nov. 30, 2023
Zyxel has issued an alert about critical security vulnerabilities in its NAS326 and NAS542 devices, which could allow unauthorized access and control, advising users to urgently update their firmware to specific versions as the primary solution.
Take action: If you are using ZyXel NAS devices, make sure it's not accessible from the internet, then patch immediately. Delaying this will only help hackers.
Arcserve Unified Data Protection reports three critical issues, exploit PoCs released
published: Nov. 29, 2023
Security researchers have released PoCs for three critical vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in Arcserve's UDP solution, which pose high risks (CVSS3 score 9.8) and can lead to unauthorized remote access and file uploads, prompting Arcserve to advise users to upgrade to or patch UDP version 9.2.
Take action: Upgrading a backup server is never an easy task, even with auto-update. Definitely first confirm that the server is isolated from internet access, and then plan for an update. Because a hacker will eventually arrive inside the network.
Google fixes Chrome vulnerability exploited by hackers - update now
published: Nov. 29, 2023
Google has released an urgent Chrome update to fix several vulnerabilities, including the actively exploited CVE-2023-6345, related to an integer overflow in the Skia graphics library, and other issues in Spellcheck, Mojo, WebAudio, and libavif, with updated versions rolling out for Mac, Linux, and Windows.
Take action: Update your Chrome (and Chromium based) browsers on all operating systems ASAP. That's Chrome, Opera, Brave, Edge. It takes less than 30 seconds, and it will relaunch all your windows after you restart. There is really no excuse not to do it, except being lazy. Hackers love lazy users.
Severe Vulnerabilities reported in in Ray Open Source Framework for AI/ML
published: Nov. 28, 2023
Critical Vulns Found in Ray Open Source Framework for AI/ML WorkloadsCritical Vulns Found in Ray Open Source Framework for AI/ML Workloads
Take action: If you are using Anyscale Ray framework, lock it inside a trusted network. And yet be conscious and communicate that you are still vulnerable to exploits, since an attacker can enter the network through other vectors. The AI systems - especially those that accept arbitrary input are a very big attack footprint, and you need to consider them very carefully.
ownCloud file sharing self-hosted platform reports critical bugs, PoC available
published: Nov. 25, 2023
Three critical vulnerabilities have been reported in ownCloud: CVE-2023-49103, which exposes sensitive data through a library flaw; CVE-2023-49105, allowing file access without authentication; and CVE-2023-49104, permitting redirection to attacker-controlled domains, with urgent remediation steps advised.
Take action: If you are using ownCloud, start applying the workarounds immediately. Beacuse it's a file sharing software, it's very probably exposed to the internet, so urgency is more than advised. With the available exploit PoC it's even more urgent to patch.