Exposures, Exposed! Weekly Round-up July 29 – August 4


Step right up and get your copy of "Exposures, Exposed!" - your weekly guide through the ever-shifting landscape of cyber threats. Our team of experts is here to steer you through the intricacies of cybersecurity - handpicking the most pertinent exposure incidents each week.

Here’s what we’ve got for you this week:

WhatsApp Vulnerability Allows Python, PHP Execution

A critical vulnerability in WhatsApp for Windows allows attackers to execute Python and PHP scripts by sending them as attachments. The flaw, discovered by security researcher Saumyajeet Das, bypasses WhatsApp's file restrictions. While Meta is aware of the issue, the vulnerability persists in the latest version. Users are advised to avoid opening unknown file attachments from unverified sources.

The Takeaway: WhatsApp users should exercise caution when opening file attachments, especially from unknown senders, to prevent potential malware infections. Learn more here.

Apple Patches Dozens of Flaws in iPhones, Macs

Apple released security updates fixing critical vulnerabilities in iPhones, iPads, Macs, and other devices. The flaws, impacting iOS, iPadOS, macOS, watchOS, and Safari, could allow attackers to bypass security measures, steal data, or crash systems. Updates are available for most devices, including the latest iPhone 15 Pro models. Users are urged to update their devices immediately.

The Takeaway: Apply the latest iOS, iPadOS, macOS, watchOS, and Safari updates to protect your Apple devices from security vulnerabilities. Learn more here.

Hackers Exploiting Critical ServiceNow Flaws

Hackers are actively exploiting critical vulnerabilities in ServiceNow software to steal sensitive data, according to cybersecurity experts. The flaws, identified as CVE-2024-4879 and CVE-2024-5217, allow attackers to gain full access to databases and exfiltrate information. The Cybersecurity and Infrastructure Security Agency (CISA) has warned federal agencies to patch the bugs by August 19. Multiple organizations across various industries have been targeted, with the U.S., UK, India, and the EU seeing the most significant impact. Researchers warn of mass scanning and exploitation attempts, emphasizing the urgency of applying available patches.

The Takeaway: Organizations using ServiceNow software must prioritize patching vulnerabilities CVE-2024-4879 and CVE-2024-5217 immediately to protect against data breaches. Learn more here.

Critical Acronis Flaw Exploited in the Wild

Cybersecurity firm Acronis has warned of active attacks exploiting a critical vulnerability in its Cyber Infrastructure (ACI) product. The flaw, tracked as CVE-2023-45249, allows remote code execution due to default passwords. While a patch was released last October, many systems remain unpatched. The Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its list of known exploited flaws. Given ACI's critical role in enterprise environments, successful attacks could have severe consequences. Acronis has urged customers to update their systems immediately.

The Takeaway: Organizations using Acronis Cyber Infrastructure must prioritize patching the CVE-2023-45249 vulnerability to prevent potential data breaches and system compromise. Learn more here.

Ransomware Gangs Exploit Critical ESXi Flaw

Ransomware operators are actively exploiting a vulnerability in VMware ESXi hypervisors to gain full administrative control, according to Microsoft researchers. The flaw, tracked as CVE-2024-37085, allows attackers to create a specific Active Directory group and elevate their privileges. This enables them to encrypt the hypervisor's file system, impacting hosted virtual machines and potentially exfiltrating data. VMware has released a patch, and Microsoft recommends urgent updates. Organizations using ESXi hypervisors should prioritize implementing the patch and following recommended security measures.

The Takeaway: Organizations with ESXi hypervisors must immediately apply the patch for CVE-2024-37085 and implement additional security measures to protect against ransomware attacks. Learn more here.

Hotjar, Business Insider Hit by Critical Vulnerabilities

Security researchers have uncovered critical vulnerabilities in web analytics platform Hotjar and news outlet Business Insider, potentially impacting millions of users. The flaws, involving cross-site scripting (XSS) and OAuth, could grant attackers full account control and access to sensitive data. These vulnerabilities highlight a broader issue within similar ecosystems, emphasizing the need for robust security practices when integrating new technologies. While patches may address immediate concerns, the underlying issue of XSS and OAuth misuse requires ongoing attention.

The Takeaway: Organizations using web analytics platforms and OAuth should conduct thorough security assessments to identify and mitigate potential vulnerabilities. Learn more here.

Google Releases Critical Chrome Security Patch

Google has issued an urgent update for its Chrome browser to address multiple vulnerabilities. The most critical flaw could lead to browser crashes and potential system compromises. Users are urged to update to Chrome version 127.0.6533.88/89 as soon as possible. While the update will be automatically distributed, users should manually check for updates to ensure protection.

The Takeaway: Update your Chrome browser to the latest version immediately to protect against critical security vulnerabilities. Learn more here.

SolarWinds Patches Critical Access Flaws

SolarWinds has issued a critical patch addressing eight vulnerabilities in its Access Rights Manager (ARM) software. The flaws could have allowed attackers to steal sensitive data and execute malicious code. While no exploits have been confirmed, the potential impact was severe. The company's swift action prevented a potential disaster, highlighting the importance of timely security updates.

The Takeaway: Organizations using SolarWinds Access Rights Manager should apply the latest patch immediately to protect against potential cyberattacks. Learn more here.

That’s all for this week – have any exposures to add to our list? Let us know!


