More CyberWatch

January 2, 2024

Anna Jaques Hospital Victim of Cyberattack

On Christmas Day, Anna Jaques Hospital, a healthcare facility in Newburyport, MA, experienced a severe cyberattack that caused a critical outage in its medical records system. This incident had immediate repercussions, causing the diversion of ambulances to other medical facilities until the hospital was able to receive patients again on December 26, 2023.

December 28, 2023

Actively Exploited Zero-Day Reported by Barracuda

Barracuda has an ongoing investigation regarding a threat actor exploiting an arbitrary code execution vulnerability affecting its Email Security Gateway Appliance (ESG). The vulnerability, tracked as CVE-2023-7102, is a zero-day that affects an open-source third-party library called Spreadsheet::ParseExcel. By exploiting this library, attackers can deploy a specially crafted Excel email attachment to targeted ESG devices.

December 27, 2023

Zero-day vulnerability for Apache OFBiz, Patch Now!

A critical vulnerability has been discovered in Apache OFBiz resulting from an incomplete fix to CVE-2023-49070. Discovered by SonicWall, this vulnerability is classified as CVE-2023-51467 and is being tracked as an Authentication Bypass vulnerability. According to NVD, this vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery. This vulnerability can be considered a zero-day as there is proof-of-concept code available from SonicWall’s investigation.

December 27, 2023

Google Chrome Zero-Day Being Actively Exploited - Patch Now!

Google released an advisory on December 20th detailing a new Stable Channel update for Desktop. In this release, a vulnerability known as CVE-2023-7024 was patched, and it was reported that an exploit for this vulnerability exists in the wild. Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group were responsible for discovering and reporting on this zero-day vulnerability. Not much information is available at this time for CVE-2023-7024, but it is described as a heap buffer overflow in WebRTC.

December 20, 2023

Critical Vulnerability in Perforce Helix Core Server

Microsoft has identified several vulnerabilities in Perforce Helix Core Server, the most critical of which is CVE-2023-45849. With a CVSS score of 9.8, this vulnerability allows arbitrary code execution, which results in privilege escalation. This vulnerability manifests if the administrator setting up the server does not run the “p4 protect” command immediately after installing the server. Without this command, an unauthenticated anonymous attacker could run arbitrary command lines (PowerShell) as LocalSystem when Perforce Server is installed in its default configuration.

December 18, 2023

FXC Wireless LAN Routers Vulnerable to Zero-Day

An OS command injection vulnerability exists in AE1021PE/AE1021 routers in firmware version 2.0.9 and earlier. The vulnerability is classified as CVE-2023-49897 and has a CVSS score of 8.8 HIGH. If exploited, the vulnerability allows an arbitrary OS command to be executed by an attacker who can log in to the product. This vulnerability is currently under active exploitation by the “InfectedSlurs” botnet and has been designated a zero-day vulnerability.

December 14, 2023

Microsoft December 2023 Patch Tuesday

On the second Tuesday of every month, Microsoft releases security fixes for several of its software solutions. This is known as “Patch Tuesday.” December 2023 was a lighter Patch Tuesday than usual, with only a small number of critical vulnerabilities that require patching. Of the 33 vulnerabilities reported, 4 are rated ‘critical’ and 29 ‘important.’

December 12, 2023

Bittersweet Reality: The Hershey Company’s Data Breach Incident

The Hershey Company, a renowned candy manufacturer, recently experienced a significant data breach impacting 2,214 individuals. The breach, occurring between September 3 and 4, originated from a targeted phishing attack on employee accounts. Despite the breach being promptly detected, the company is actively collaborating with a forensics team and law enforcement to assess the incident's impact.

December 7, 2023

Critical Bluetooth Flaw Allows Keystroke Injection

A vulnerability was recently discovered by Marc Newlin, Principal Reverse Engineer for SkySafe. This vulnerability, classified as CVE-2023-45866, allows unauthenticated keystroke injection through Bluetooth. This is done by tricking the Bluetooth host machine into pairing with a fake keyboard through an unauthenticated pairing mechanism defined in the Bluetooth specification.
