Attacks

Microsoft released patches for ProxyNotShell on Tuesday, November 8th, 2022. Due to the high severity nature of these vulnerabilities, it is strongly recommended to update all Microsoft Exchange servers as soon as possible. https://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/

Synology urges all VPN Plus Server for SRM (Synology Router Manager) users patch as soon as possible to the latest version. Users can apply updates by: 1. Logging into Synology Desktop environment2. Opening the Package Center app3. Click Update on the left panel to see available updates. Click the Update buttons or Update All to update packages. https://www.bleepingcomputer.com/news/security/synology-fixes-maximum-severity-vulnerability-in-vpn-routers/ https://nvd.nist.gov/vuln/detail/CVE-2022-43931 https://www.synology.com/en-us/security/advisory/Synology_SA_22_26 https://kb.synology.com/en-nz/SRM/help/SRM/PkgManApp/manage?version=1_2

As long as the interest and shortages continue, cybercriminals will continue to attempt to impersonate Flipper Zero through fake shops to trick security enthusiasts into giving up their personal information and crypto. Due to this, it is vital to be on the lookout for these promotions and shops claiming immediate product availability and only buy from the official store. https://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/

Threat actors with access to stolen, sensitive data have many options to utilize this data in a malicious manner. In this case, the threat group decided to use confidential data as lures in phishing emails to carry out a second attack against victims. Whenever a company is alerted to a breach and makes it public, all customers who believe they may have had data compromised should remain vigilant to the use of this data in…

WordPress is a very common website platform because it is free and easy to use, but this also makes it a more desirable target for threat actors. Keeping a WordPress site up to date is crucial. Fortunately, WordPress does have an automatic update feature which Binary Defense strongly recommends that users enable. Because many plug-ins are community created and distributed, often times critical updates can be slow to release, if an update comes at all.…

Users of the above Netgear devices should update their firmware as soon as possible. Netgear support documentation provides update instructions for affected users: 1. Visit NETGEAR Support: https://www.netgear.com/support/2. Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.3. If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for…

It is highly recommended to patch any Citrix devices in an organization’s environment as soon as possible if they are vulnerable to either of these vulnerabilities. Since at least one of them is known to have threat actors actively exploiting it, the sooner the devices can be patched, the less chance that a threat actor will be able to compromise it and spread throughout an organization. It is recommended that organizations update their Citrix applications…