Dark Reading: Critical RCE Bug Opens Fortinet’s Secure Web Gateway to Takeover https://www.darkreading.com/application-security/critical-rce-bug-fortinet-secure-web-gateway-takeover
Tag Archives: Vulnerability
New State-Sponsored APT Tools Built to Attack Industrial Control Systems
New State-Sponsored APT Tools Built to Attack ICS/SCADA Devices Exploiting Vulnerable Drivers

A state-sponsored threat group has developed new APT tools to target and compromise industrial control systems by exploiting vulnerable motherboard drivers in multiple ICS devices.
Much more detail here:
CISA: https://www.cisa.gov/uscert/ncas/alerts/aa22-103a
Mandiant: https://www.mandiant.com/resources/incontroller-state-sponsored-ics-tool
Google Emergency Patches Chrome’s 0-Day
Google responds quickly to the actively exploited Chrome zero-day bug to shut down the cyberattacks observed from two threat groups in North Korea.
BleepingComputer – “Emergency Google Chrome update fixes zero-day used in attacks” : https://www.bleepingcomputer.com/news/security/emergency-google-chrome-update-fixes-zero-day-used-in-attacks/
Apple iMessage Zero Click Attack Patch
“Go Update Your iPhone, iPad, Mac, and Apple Watch Right Now” via Gizmodo
More Detail: https://gizmodo.com/go-update-your-iphone-ipad-mac-and-apple-watch-right-1847667694
More Network Routers Actively Being Attacked
“Actively exploited bug bypasses authentication on millions of routers” via Sergiu Gatlan | Bleeping Computer
“Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads.
The vulnerability tracked as CVE-2021-20090 is a critical path traversal vulnerability (rated 9.9/10) in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass”….
More detail here: https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/
Microsoft Updates Workaround for ACL and SAM Vulnerability
- CVE-2021-36934 | Windows Elevation of Privilege Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934
China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government
New Law in China Requires Researchers to Report All Zero-Day Bugs to Government
— Read on thehackernews.com/2021/07/chinas-new-law-requires-researchers-to.html
Microsoft Releases Fix to PrintNightmare
“Out-of-Band (OOB) Security Update available for CVE-2021-34527” via Microsoft Security Response Center
“Today Microsoft released an Out-of-Band (OOB) security update for CVE-2021-34527, which is being discussed externally as PrintNightmare. This is a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems. The fix that we released today fully addresses the public vulnerability, and it also includes a new feature that allows customers to implement stronger protections.”
More detail: https://msrc-blog.microsoft.com/2021/07/06/out-of-band-oob-security-update-available-for-cve-2021-34527/
Microsoft Gives Guidance to Mitigate PrintNightmare
“Microsoft shares mitigations for Windows PrintNightmare zero-day bug” via Sergiu Gatlan
“Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare.
This remote code execution (RCE) bug—now tracked as CVE-2021-34527—impacts all versions of Windows per Microsoft, with the company still investigating if the vulnerability is exploitable on all of them.
CVE-2021-34527 allows attackers to take over affected servers via remote code execution with SYSTEM privileges as it enables them to install programs, view, change, or delete data, and create new accounts with full user rights”
For more detail: https://www.bleepingcomputer.com/news/security/microsoft-shares-mitigations-for-windows-printnightmare-zero-day-bug/