News
Hi folks,
There weren't a lot of articles that jumped out at me this week, so for once this should be a quick read :-)
But there were a lot of stories that fell under the "issues" category, so make sure to skim that list to see if you use any of the affected software.
Enjoy your Friday!
UEFI vulnerabilities dubbed "PixieFail" allow full compromise of PXE installs
Not a real concern for most people, but if you run your own data center or work for a cloud provider it's definitely worth paying attention to.
In short, these vulnerabilities (a set of bugs in the IPv6 network stack of the TianoCore EDK II reference UEFI implementation, which many firmware vendors build on) allow an attacker to hijack PXE (aka netboot) installs, where servers pull the OS image they want to install from a remote server. The attacker would only need access to the same network as the booting machine during the boot itself, no local foothold or high-level privileges, to trick the PXE firmware into installing a backdoored version of the OS. So if you netboot servers, check with your hardware vendor for firmware updates and make sure the provisioning network isn't reachable by anything you don't trust.
Progress Software shakes off MOVEit’s financial consequences, maintains customers
With all the damage that the MOVEit exploitation caused, this isn't the kind of news that I like to read. Not that I want any company to go bankrupt, mind you. But it just brings home to me that there aren't enough consequences to companies for writing insecure software, and too few incentives for doing it right.
API landscape insights: Analysis of 6,000+ Public APIs.
Dive into key insights on security, design, performance, and reliability of public APIs revealed through Escape's extensive scanning process. (Sponsored)
CISA and FBI warn of Chinese-manufactured drones
Not new, but interesting to see yet another warning about this. I also didn't know that there's now a law in the US that prohibits federal entities from using foreign drones.
Southeast Asian casino industry supercharging cyber fraud, UN says
Interesting read on the link between casinos and cybercrime, especially money laundering. It makes sense, but I never really thought about it. Also interesting to read about the role of the pandemic, which caused many casinos that previously catered to tourists to switch over to focus on cybercrime.
Breaches and leaks
- Taiwanese semiconductor company hit by ransomware attack: link.
- Ransomware gang targets nonprofit providing clean water to world’s poorest: link.
- Kansas State University cyberattack disrupts IT network and services: link.
- Ransomware gang demands €10 million after attacking Spanish council: link.
- British Library restores access to online collection following ransomware attack: link.
- Ransomware attack on US Navy shipbuilder leaked information of nearly 17,000 people: link.
- Have I Been Pwned adds 71 million emails from Naz.API stolen account list: link.
Issues and fixes
- Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks: link.
- Ivanti Connect Secure zero-days now under mass exploitation: link.
- Atlassian warns of critical RCE flaw in older Confluence versions: link.
- Google fixes first actively exploited Chrome zero-day of 2024: link.
- Citrix warns of new Netscaler zero-days exploited in attacks: link.
- Juniper warns of critical RCE bug in its firewalls and switches: link.
- GitLab warns of critical zero-click account hijacking vulnerability: link.
- Critical Microsoft SharePoint bug now actively exploited: link.
- Joomla! vulnerability is being actively exploited: link.
- GitHub rotates keys to mitigate impact of credential-exposing flaw: link.
1Password: the password manager with (to me) the best UX
I'm not going to write a long marketing-heavy paragraph on this one. I just love using 1Password. The UX, the support, the integrations, it all works wonderfully. Highly recommended. (Sponsored)