2/16/24: Fortinet CVEs, JCDC priorities, NIST software supply chain security publication...

Here are this week's security highlights:

New CVEs disclosed in Fortinet

Fortinet disclosed a critical out-of-bounds vulnerability in its FortiOS SSL VPN technology that the vendor warned is likely already being exploited in the wild. The vulnerability, identified as CVE-2024-21762, allows an unauthenticated attacker to execute arbitrary code or commands on affected systems via maliciously crafted HTTP requests. This was one of four CVEs disclosed by Fortinet last week.


CISA releases 2024 priorities for the Joint Cyber Defense Collaborative

The Cybersecurity and Infrastructure Security Agency on Monday released the 2024 priorities for the Joint Cyber Defense Collaborative, an operational-focused government and private collaborative. The three priorities are:

  1. Defend Against Advanced Persistent Threat (APT) Operations
  2. Raise the Cybersecurity Baseline
  3. Anticipate Emerging Technology and Risks


Microsoft confirms Windows exploits bypassing security features

Microsoft on Tuesday rolled out a massive batch of security-themed software updates and called urgent attention to at least three vulnerabilities being exploited in live malware attacks. One of the exploited bugs — CVE-2021-43890 — dates back to 2021. Microsoft also urged Windows admins to pay attention to a pair of security feature bypass bugs — CVE-2024-21412 and CVE-2024-21351 — being exploited in malware attacks.


NIST releases special publication on software supply chain security

The new special publication, SP 800-204D, aims to support DevSecOps and defend organizations’ software supply chain against cyber attacks and defects resulting from due diligence gaps, NIST said Monday. The publication dives into the integration of the security of software development life cycles into continuous integration/continuous delivery pipelines of organizations’ cloud-native applications.


'SNS Sender' Abuses AWS for bulk smishing attacks

A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS). The SMS phishing messages are designed to propagate malicious links that capture victims' personally identifiable information (PII) and payment card details, SentinelOne said in a new report, attributing the tool to a threat actor named ARDUINO_DAS.

Subscribe for weekly updates!
