Cyber Security Briefing, 7 - 13 October
Apple backports 0-day iOS fixes to older iPhones and iPads
Apple has released security updates for older iPhones and iPads that backport the patches released a week ago, addressing two 0-day vulnerabilities exploited in attacks.
- The first 0-day has been classified as CVE-2023-42824 and is a privilege escalation vulnerability caused by a flaw in the XNU kernel that allows local attackers to elevate privileges on vulnerable iPhones and iPads.
- The second has been classified as CVE-2023-5217 and is caused by a buffer-overflow vulnerability in the VP8 encoding of the open-source libvpx video codec library.
Google previously patched the libvpx vulnerability as a 0-day in its Chrome web browser. Microsoft also addressed the same vulnerability in its Edge, Teams, and Skype products.
Microsoft patches 104 vulnerabilities, including three 0-days
Microsoft has released Patch Tuesday updates for the month of October patching a total of 104 vulnerabilities.
Among the patched flaws are three actively exploited 0-days: CVE-2023-41763, CVE-2023-36563 and CVE-2023-44487. While CVE-2023-41763 is a vulnerability that affects Skype for Business and allows elevation of privilege, CVE-2023-36563 allows the theft of NTLM hashes when opening a document in WordPad.
Microsoft has also published mitigations for CVE-2023-44487, a flaw behind a new DDoS technique called HTTP/2 Rapid Reset, which abuses HTTP/2's request-cancellation feature to continuously open and cancel requests until the server is overwhelmed. Of the remaining 101 vulnerabilities patched, 12 are rated critical.
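As an added illustration, not part of the briefing or of Microsoft's mitigations, the following detection sketch runs over a constructed per-connection HTTP/2 frame log and flags clients that open many streams in a short window and cancel most of them almost immediately, the pattern Rapid Reset relies on. The log format (`<ts_ms> <conn_id> <frame_type> <stream_id>`), the thresholds and the connection names are assumptions.

```python
from collections import defaultdict


def parse_frame_log(text):
    """Yield (ts_ms, conn_id, frame_type, stream_id); malformed lines are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit() or not parts[3].isdigit():
            continue
        yield int(parts[0]), parts[1], parts[2], int(parts[3])


def detect_rapid_reset(log_text, window_ms=1000, min_requests=100,
                       min_reset_ratio=0.5, fast_cancel_ms=10):
    """Flag connections that open many client streams in one window and cancel
    most of them within fast_cancel_ms. Returns {conn_id: {window, requests, fast_resets}}."""
    opened = {}                                   # (conn, stream) -> open timestamp
    per_window = defaultdict(lambda: defaultdict(lambda: [0, 0]))  # conn -> win -> [req, fast]
    for ts, conn, ftype, sid in parse_frame_log(log_text):
        if sid % 2 == 0:                          # only client-initiated (odd) streams
            continue
        if ftype == "HEADERS" and (conn, sid) not in opened:
            opened[(conn, sid)] = ts              # first HEADERS on a stream = a request
            per_window[conn][ts // window_ms][0] += 1
        elif ftype == "RST_STREAM":
            t_open = opened.pop((conn, sid), None)
            if t_open is not None and ts - t_open <= fast_cancel_ms:
                per_window[conn][t_open // window_ms][1] += 1
    flagged = {}
    for conn, windows in per_window.items():
        for win, (req, fast) in windows.items():
            if req >= min_requests and fast / req >= min_reset_ratio:
                flagged[conn] = {"window": win, "requests": req, "fast_resets": fast}
    return flagged


def build_sample_log():
    """Constructed telemetry: a normal client plus one that cancels every request within 1 ms."""
    benign = [f"{i * 50} benign HEADERS {2 * i + 1}" for i in range(20)]
    benign.append("1400 benign RST_STREAM 39")   # an ordinary cancel, 450 ms after opening
    abusive = [f"{2000 + 2 * i + k} abusive {ft} {2 * i + 1}"
               for i in range(200) for k, ft in enumerate(("HEADERS", "RST_STREAM"))]
    return "\n".join(benign + abusive)


if __name__ == "__main__":
    print(detect_rapid_reset(build_sample_log()))
```

Real deployments would key on the server's own connection and stream identifiers and tune the thresholds per service, since legitimate clients also cancel requests, just not hundreds per second on the same connection.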
Critical vulnerability in cURL
Daniel Stenberg, the author of the cURL tool, has posted a warning on LinkedIn and GitHub about a serious vulnerability and has announced that version 8.4.0, which fixes it, will be released on Wednesday.
The flaw has been identified as CVE-2023-38545 and affects both the cURL tool and the libcurl library. The new release will also address the less severe CVE-2023-38546. cURL is a command-line tool for transferring data specified by URLs.
No further details about the vulnerability have been disclosed because of its criticality, although no active exploitation has been detected.
New Magecart campaign hides malware in 404 error pages
Researchers at Akamai Security Intelligence Group have detected a new web skimming campaign by threat actor Magecart, targeting Magento and WooCommerce web stores in the retail and food sectors.
The attack infrastructure of this campaign can be divided into three parts, with the aim of making it difficult to detect: loader, malicious attack code and data exfiltration to the command and control server. In the case of this campaign, three variants have been observed, two of which are very similar to each other, and a third that has caught the attention of researchers because of its ability to hide the malicious code through the 404 error pages of the affected websites.
Although the loader has been removed from some of the affected websites, the skimmer could easily reactivate the attack, so researchers stress the importance of detecting and mitigating these attacks.
Balada Injector exploits tagDiv vulnerabilities
Security researchers at Sucuri have published an article detailing Balada Injector's exploitation of vulnerabilities in tagDiv Composer, the plugin used by the Newspaper and Newsmag WordPress themes. A telltale sign of exploitation of this recently disclosed XSS vulnerability in tagDiv Composer is a malicious script found injected inside tags.
The goal of Balada Injector threat actors is always to maintain control of compromised sites through backdoors, malicious plugins, and the creation of rogue blog administrators. In this case, the vulnerability does not allow them to easily achieve this goal. However, this has not stopped them from attempting to completely take over sites with stored XSS vulnerabilities.