CyberSecurity Updates

Microsoft: Exchange Server 2013 Reaches End of Support in 90 days

Microsoft recommends upgrading on-premises Exchange Server 2013 servers to Exchange Server 2019 to keep receiving bug fixes and security updates for new flaws. However, before deploying new Exchange Server 2019 installations across servers running software quickly reaching EOS, admins should ensure that network, hardware, software, and clients meet the requirements. Redmond also advises admins to migrate to its hosted Exchange Online email and the calendaring client as an alternative option, available as an Office 365…

NSA Director Pushes Congress to Renew Surveillance Powers

A top U.S. intelligence official on Thursday urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats. The remarks by Army Gen. Paul Nakasone, director of the National Security Agency, opened what’s expected to be a contentious debate over provisions of the Foreign Intelligence Surveillance Act that expire at year’s end. The bipartisan consensus in favor of expanded…

Most Cacti Installations Unpatched Against Exploited Vulnerability

Most internet-exposed Cacti installations have not been patched against a critical-severity command injection vulnerability that is being exploited in attacks. An open-source web-based network monitoring and graphing tool that offers an operational monitoring and fault management framework, Cacti is a front-end application for the data logging utility RRDtool. In early December 2022, the tool’s maintainers announced patches for CVE-2022-46169, a critical-severity (CVSS score 9.8) command injection flaw that could allow unauthenticated attackers to execute code…

Cyber attack against Royal Mail linked to Russian hackers

A cyber attack against the UK postal service Royal Mail which saw the company request that customers stop sending mail abroad via its services has been linked to Russian hackers. Royal Mail informed the public of the cyber attack on January 11, saying it had caused “severe disruption” to the computerized systems used to send mail abroad. The company “immediately launched an investigation into the [cyber] incident” and utilized the help of the UK’s National…

Exploitation of Control Web Panel Vulnerability Starts After PoC Publication

Security researchers are observing exploitation attempts targeting a critical Control Web Panel (CWP) vulnerability, following the publication of proof-of-concept (PoC) code in early January. Formerly CentOS Web Panel, CWP is a popular, free web hosting panel for enterprise-based Linux systems, offering support for the management and security of both servers and clients. Tracked as CVE-2022-44877 (CVSS score of 9.8), the exploited vulnerability allows unauthenticated attackers to achieve remote code execution (RCE) on impacted systems. The…

Royal ransomware group actively exploiting Citrix vulnerability

The Royal ransomware group is believed to be actively exploiting a critical security flaw affecting Citrix systems, according to the cyber research team at cyber insurance provider At-Bay. Announced by Citrix on November 8, 2022, the vulnerability, identified as CVE-2022-27510, allows for the potential bypass of authentication measures on two Citrix products: the Application Delivery Controller (ADC) and Gateway. There were no known instances of the vulnerability being exploited in the wild at the time…

Now you can legally repair your tech – sort of

A new law portends a future where (we hope) it will be easier for us all to repair, fix, upgrade, and just tinker with things we already own. Want to secure, patch, upgrade, or modify tech you own? You may not be able to, if some manufacturers have anything to say about it. They view your use of their tech as a limited license, not ownership, and therefore strike back if you attempt to fix…

S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]

by Paul Ducklin. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT: DOUG. Call…

Juniper Networks Releases Security Updates for Multiple Products

Original release date: January 12, 2023. Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates.

Tesla Returns as Pwn2Own Hacker Takeover Target

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to complete vehicle compromise. Tesla, in tandem with Pwn2Own organizers Zero Day Initiative, is offering a $600,000 cash prize to any hacker capable of writing exploits that pivot through multiple systems in the car to gain arbitrary code execution. “Success here gets a big payout and, of course, a brand-new Tesla,” contest…
