Threat Advisory – June 23 – 29

Hacker Sebastiaan

CySec News

Microsoft has released the optional KB5014666 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and new, unexpected printing features. The KB5014666 cumulative update preview is part of Microsoft’s June 2022 monthly “C” update, which lets admins test the fixes coming in the July 2022 Patch Tuesday.

Reference: https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5014666-update-brings-new-printing-features-bug-fixes/

 

Mozilla Firefox 102 was released today with a new privacy feature that strips parameters from URLs that are used to track you around the web.

Reference: https://www.bleepingcomputer.com/news/security/new-firefox-privacy-feature-strips-urls-of-tracking-parameters/

 

The latest version of the OpenSSL library has been found to be susceptible to a remote memory-corruption vulnerability on select systems. The issue has been identified in OpenSSL version 3.0.4, which was released on June 21, 2022, and impacts x64 systems with the AVX-512 instruction set. OpenSSL 1.1.1 and the OpenSSL forks BoringSSL and LibreSSL are not affected.

Reference: https://thehackernews.com/2022/06/openssh-to-release-security-patch-for.html

 

Microsoft announced today the general availability of tenant-wide idle session timeout for Microsoft 365 web apps to protect confidential data on shared or non-company devices left unattended. When toggled on, it prevents data leaks by ensuring that sensitive information will no longer be exposed to unauthorized access after employees forget to log out of unmanaged machines despite corporate policy and security training.

Reference: https://www.bleepingcomputer.com/news/microsoft/microsoft-365-now-prevents-data-leaks-with-new-session-timeouts/

 

Microsoft has reminded customers that the Exchange Server 2013 mail and calendaring platform will reach its extended end-of-support date roughly nine months from now, on April 11, 2023.

Reference: https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-server-2013-reaches-end-of-support-in-9-months/

 

Semiconductor giant AMD says it is investigating a cyberattack after the RansomHouse gang claimed to have stolen 450 GB of data from the company last year.

Reference: https://www.bleepingcomputer.com/news/security/amd-investigates-ransomhouse-hack-claims-theft-of-450gb-data/

 

Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. Software supply-chain security companies like Sonatype use specialized automated malware detection tools to spot them, and in this case, they identified the following packages as malicious:

  • loglib-modules
  • pyg-modules
  • pygrata
  • pygrata-utils
  • hkg-sol-utils

Reference: https://www.bleepingcomputer.com/news/security/pypi-python-packages-caught-sending-stolen-aws-keys-to-unsecured-sites/

 

The LockBit ransomware operation has released ‘LockBit 3.0,’ introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options. The ransomware operation launched in 2019 and has since grown to be the most prolific ransomware operation, accounting for 40% of all known ransomware attacks in May 2022. Over the weekend, the cybercrime gang released a revamped ransomware-as-a-service (RaaS) operation called LockBit 3.0 after beta testing for the past two months, with the new version already used in attacks.

Reference: https://www.bleepingcomputer.com/news/security/lockbit-30-introduces-the-first-ransomware-bug-bounty-program/

 

MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form.

Reference: https://www.bleepingcomputer.com/news/security/mega-fixes-critical-flaws-that-allowed-the-decryption-of-user-data/

 

Hackers used a zero-day exploit on Linux-based Mitel MiVoice VoIP appliances for initial access in what is believed to be the beginning of a ransomware attack. Mitel VoIP devices are used by critical organizations in various sectors for telephony services and were recently exploited by threat actors for high-volume DDoS amplification attacks. In a new report, CrowdStrike says that a zero-day remote code execution flaw, now tracked as CVE-2022-29499 (CVSS v3 score: 9.8 – critical), was used to gain initial access to the network.

Reference: https://www.bleepingcomputer.com/news/security/mitel-zero-day-used-by-hackers-in-suspected-ransomware-attack/

CVEs of the Week

Cisco

CVE-2022-20819 – Score 4.0
CVE-2022-20798 – Score 6.8
CVE-2022-20736 – Score 5.0
CVE-2022-20733 – Score 5.0
CVE-2022-20664 – Score 3.5

Microsoft

CVE-2022-32230 – Score 7.8
CVE-2022-30193 – Score 6.8
CVE-2022-30189 – Score 4.3
CVE-2022-30188 – Score 6.8
CVE-2022-30184 – Score 4.3
CVE-2022-30180 – Score 6.8
CVE-2022-30179 – Score 6.8
CVE-2022-30178 – Score 6.8
CVE-2022-30177 – Score 6.8
CVE-2022-30174 – Score 6.8
CVE-2022-30173 – Score 6.8
CVE-2022-30172 – Score 4.3
CVE-2022-30171 – Score 4.3
CVE-2022-30168 – Score 6.8
CVE-2022-30167 – Score 6.8
CVE-2022-30166 – Score 4.6
CVE-2022-30165 – Score 6.5
CVE-2022-30164 – Score 4.6
CVE-2022-30163 – Score 6.0
CVE-2022-30162 – Score 2.1
CVE-2022-30161 – Score 6.8
CVE-2022-30160 – Score 4.6
CVE-2022-30159 – Score 4.3
CVE-2022-30158 – Score 6.0
CVE-2022-30157 – Score 6.5
CVE-2022-30155 – Score 7.1
CVE-2022-30154 – Score 2.1
CVE-2022-30153 – Score 6.8
CVE-2022-30152 – Score 5.0
CVE-2022-30151 – Score 4.4
CVE-2022-30150 – Score 6.8
CVE-2022-30149 – Score 5.1
CVE-2022-30148 – Score 2.1
CVE-2022-30147 – Score 7.2
CVE-2022-30146 – Score 5.1
CVE-2022-30145 – Score 6.0
CVE-2022-30143 – Score 5.1
CVE-2022-30142 – Score 7.6
CVE-2022-30141 – Score 9.3
CVE-2022-30140 – Score 5.1
CVE-2022-30139 – Score 6.8
CVE-2022-30137 – Score 4.6
CVE-2022-30136 – Score 10.0
CVE-2022-30135 – Score 7.2
CVE-2022-30132 – Score 7.2
CVE-2022-30131 – Score 7.2
CVE-2022-29149 – Score 4.6
CVE-2022-29143 – Score 6.0
CVE-2022-29119 – Score 6.8
CVE-2022-29111 – Score 6.8
CVE-2022-22021 – Score 5.1
CVE-2022-22018 – Score 6.8
CVE-2022-2077 – Score 6.8
CVE-2022-2076 – Score 6.0

VMware

CVE-2022-22979 – Score 5.0
CVE-2022-22953 – Score 4.0
