January 23, 2024

Good morning, everyone!

I was so overwhelmed with the number of fixes, patches, vulnerabilities and active exploits this week, I couldn't choose just one to write about. So here's a sampling:

Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild

Two vulnerabilities have been found in NetScaler ADC and NetScaler Gateway, formerly known as Citrix ADC and Citrix Gateway, and are affecting six supported versions.

Citrix has recommended that to combat CVE-2023-6548, which impacts management interfaces, "network traffic to the appliance's management interface [should be] separated, either physically or logically, from normal network traffic. In addition, we recommend that you do not expose the management interface to the Internet."

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw.

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE

The majority of internet-exposed SonicWall next-generation firewall series 6 and 7 devices have not been patched against two potentially serious vulnerabilities, cybersecurity firm Bishop Fox reports.

Ivanti vulnerabilities now actively exploited in massive numbers

The workaround requires importing a mitigation.release.20240107.1.xml file which can be obtained via the download portal (login required).

Information Stealer Exploits Windows SmartScreen Bypass

The security defect, tracked as CVE-2023-36025 (CVSS score of 8.8), came to light on November 14, 2023, when Microsoft released patches for it and the US cybersecurity agency CISA added it to its Known Exploited Vulnerabilities catalog, based on evidence of in-the-wild exploitation.

High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners

Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems.

Tracked as CVE-2023-49722 (CVSS score: 8.3), the high-severity vulnerability was addressed by Bosch in November 2023.

Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP

GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction.

GitLab said it addressed the issue in GitLab versions 16.5.6, 16.6.4, and 16.7.2, in addition to backporting the fix to versions 16.1.6, 16.2.9, 16.3.7, and 16.4.5. The company further noted the bug was introduced in 16.1.0 on May 1, 2023.

Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches

Juniper Networks has published more than two dozen security advisories to inform customers about well over 100 vulnerabilities affecting its products, with a majority of the flaws impacting third-party components.

The company has released patches and mitigations for the vulnerabilities, most of which affect its Junos operating system.

Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew

Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list.

CISA, FBI warn on risks of China-made drones

The FBI and the Cybersecurity and Infrastructure Security Agency issued new guidance on Wednesday, addressing security concerns surrounding Chinese-manufactured unmanned aircraft systems. The agencies are warning owners and operators of critical infrastructure that Chinese-manufactured drones could surreptitiously collect data and images on critical infrastructure operations while providing a vector for cyber attacks. 

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Have a great week!

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺