Security News Headlines #110

Security News Headlines for today

Today's cybersecurity news covers a range of updates and alerts from major vendors like Cisco, Citrix, and Ivanti, as well as significant data breach disclosures and new exploits targeting widely-used platforms. From critical security patches to sophisticated threat actor discoveries, these stories highlight the ongoing challenges in securing networks and devices. We’ll also touch on advancements in open-source tools and techniques to combat these threats.

Cisco Releases Security Updates for Smart Licensing Utility
Cisco has issued patches for its Smart Licensing Utility, addressing vulnerabilities that could allow attackers to bypass security mechanisms. Users are urged to apply updates to protect systems from exploitation of these flaws.

CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Agencies are advised to prioritize patching to prevent potential attacks, as these flaws are actively being targeted by threat actors.

Ivanti Releases Security Updates for Endpoint Manager and Workspace Control
Ivanti has rolled out updates to address vulnerabilities in its Endpoint Manager Cloud and Workspace Control. These updates are critical for preventing unauthorized access and potential exploitation.

Citrix Releases Security Updates for Workspace App on Windows
Citrix has released patches for the Citrix Workspace app on Windows, fixing security flaws that could be exploited by attackers to compromise user devices. Prompt updates are recommended for users to stay protected.

CISA Releases Four Industrial Control Systems Advisories
CISA has issued advisories for multiple industrial control systems (ICS) vulnerabilities. Operators of critical infrastructure are advised to review and address these flaws to safeguard against potential cyberattacks.

Security Advisory on Medtronic's Micra Pacemaker Models
CISA has released a medical advisory regarding vulnerabilities in Medtronic's Micra pacemakers. Exploitation could disrupt the functionality of these devices, posing a risk to patients, and updates are recommended.

Bug Left Some Windows PCs Dangerously Unpatched
A bug in Windows Update left several Windows PCs vulnerable by failing to apply critical patches. The issue has now been fixed, but users are encouraged to double-check their systems to ensure patches have been applied.

SLIM CD Discloses Data Breach
SLIM CD, a payment processing provider, disclosed a data breach affecting customer information. The incident raises concerns about the security of financial transactions, and customers are advised to monitor their accounts closely.

FIN7 Threat Group Case Study Uncovered
Intel471 reveals insights into the notorious FIN7 group, detailing its sophisticated methods to breach networks. This case study underscores the need for advanced threat hunting techniques to identify and neutralize such actors.

CryptBot: Yet Another Silly Stealer (YASS)
Intezer Labs uncovers CryptBot, a data-stealing malware targeting personal and financial information. Despite being a low-tier stealer, its wide distribution makes it a significant threat to unsuspecting users.

Top Open Source Cybersecurity Tools of 2024
Help Net Security reviews top open-source cybersecurity tools, offering alternatives for organizations looking to bolster their defenses without high costs. These tools cover areas from vulnerability scanning to incident response.

WhatsApp’s “View Once” Privacy Feature Hacked
Security researchers discovered a flaw in WhatsApp's "View Once" feature, allowing attackers to bypass restrictions and permanently save the content. This raises concerns about the app's privacy protections.

Quad7 Botnet Targets SOHO Routers and Media Servers
The Quad7 botnet is now actively targeting small office/home office (SOHO) routers and media servers, exploiting unpatched devices to spread malware. Users are urged to update firmware and strengthen network security.

Google Pushes Rust in Legacy Firmware to Address Memory Safety Issues
Google is introducing the Rust programming language in its legacy firmware as a way to tackle memory safety vulnerabilities. This move could reduce the number of exploitable bugs in devices using older firmware.

Mitigating GitHub Actions Risks
GitHub Actions, widely used for automating software workflows, poses security risks if not properly configured. Legit Security outlines mitigation strategies to prevent unauthorized access and code execution.