Cyber Daily 1/14: Schools' Data Breach, Ivanti Zero-Day Alert, Cyber Risks in Sex Toys, Microsoft Discloses macOS Vulnerability, Fortinet Firewalls Exploited

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the world of isolated risk management and how Bitsight is expanding its threat intelligence with the Cybersixgill deal, offering MSSPs a deeper pool of data to assess clients' security postures. In other news, schools are under fire for exposing sensitive information, highlighting the economic implications of the sustained rise in cybercrime. Meanwhile, the cybersecurity community is on high alert as an Ivanti zero-day leaves researchers scrambling and a UK government-funded paper warns of cyber risks associated with sex toys. We also cover the macOS kernel extension vulnerability recently disclosed by Microsoft and the exploitation of Fortinet firewalls. In the realm of vulnerabilities, we discuss GPU driver vulnerabilities in Imagination, the abuse of an Aviatrix Controller bug, and the urgent need to patch a BeyondTrust bug. We also touch on the latest patches for Ivanti and Juniper Networks vulnerabilities. In the human aspect of cybersecurity, we feature an exclusive piece by Vishal Parekh, COO of CyberPowerPC India, and announce a job opening for a Production Assistant at CISO Series. Finally, we delve into the world of podcasts, discussing the latest episodes from APDR, CIO, and CISO series, and exploring Big Tech's bet on Trump. Stay tuned for more updates on the global cybersecurity outlook and AI privacy policies. Stay safe and informed with ONSEC Cyber Daily.

Exploits Alert

  1. Breaking the Cycle of Isolated Risk Management | MSSP Alert: Bitsight is set to expand its threat intelligence with the Cybersixgill deal. This will provide Managed Security Service Providers (MSSPs) with a larger pool of data to assess their clients' security postures. Source: MSSP Alert.
  2. Data Breach Alert! Schools Expose Sensitive Information - Kuhinje EWE Daily: The sustained rise in cybercrime can have significant economic implications. Schools, in particular, are at risk, with sensitive information being exposed repeatedly. Source: Kuhinje EWE Daily.
  3. Ivanti zero-day has researchers scrambling | Cybersecurity Dive: Threat hunters are on high alert as 900 Ivanti Connect Secure instances are vulnerable. Licensing rights are being purchased to mitigate the risk. Source: Cybersecurity Dive.
  4. Are sex toys the new hacking frontier? - DIGIT: A UK government-funded paper has issued a warning about the cyber risks associated with sex toys, highlighting a new potential cyber vulnerability surface. Source: DIGIT.

Vulnerabilities & Patches

  1. Microsoft Discloses macOS Kernel Extension Vulnerability: Microsoft has disclosed a vulnerability in macOS, identified as CVE-2024-44243, which was patched by Apple in their December 11, 2024 security updates. This flaw specifically affects the macOS kernel extension. Source: Cyber Kendra.
  2. Snoops exploited Fortinet firewalls with 'probable' 0-day: Fortinet firewalls have been exploited by unknown attackers. The networking gear maker has yet to link the malicious activity to a specific flaw, assign a CVE, or patch a related hole. Source: The Register.
  3. GPU Driver Vulnerabilities in Imagination Let Attackers Gain Kernel Access Remotely: Imagination's GPU drivers have critical vulnerabilities that allow attackers to gain kernel access remotely. A patch update was released on 10th Jan addressing these vulnerabilities. Source: Cybersecurity News.
  4. Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug: Attackers are abusing a bug in Aviatrix Controller to facilitate cryptojacking and backdoor attacks. Compromised environments were exposed to the internet and had the patches for the last known Aviatrix Controller RCE (CVE). Source: The Register.
  5. CISA orders agencies to patch BeyondTrust bug exploited in attacks: CISA has ordered agencies to patch a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) that has been exploited in attacks. Source: Bleeping Computer.

Podcasts

  1. BRIEF25: Vishal Parekh, COO of CyberPowerPC India: Vishal Parekh, the COO of CyberPowerPC India, shares his insights and experiences in the cybersecurity industry in this exclusive series. Source: MediaBrief
  2. APDR Podcast Episode 78 with host Kym Bergmann: This episode delves into the details of the upgraded Mogami frigate and the complexities of the SEA 3000 process. Source: Asia Pacific Defence Reporter
  3. Big Tech's Big Bet on Trump: This podcast explores how the biggest names in tech are supporting Donald J. Trump, both during his candidacy and now. Source: The New York Times
  4. CIO Podcast – Episode 88: A Healthcare Perspective on Southern California Wildfires with Ray Lowe: In this episode, Ray Lowe, SVP and CIO at AltaMed, discusses the impact of Southern California wildfires from a healthcare perspective. Source: Healthcare IT Today
  5. AI Privacy Policies: Unveiling the Secrets Behind ChatGPT, Gemini, and Claude: This episode unveils the secrets behind the privacy policies of AI technologies like ChatGPT, Gemini, and Claude. Source: Security Boulevard

Final Words

And that's a wrap for today's edition of 'ONSEC Cyber Daily'. From the expanding threat intelligence of Bitsight to the new hacking frontier of sex toys, we've covered a lot of ground. We've also delved into the latest vulnerabilities and patches, and explored the world of cybercrime through the lens of various podcasts. Remember, the world of cybersecurity is ever-evolving, and staying informed is your first line of defense. So, let's break the cycle of isolated risk management together. Share this newsletter with your friends and colleagues to keep them in the loop too. Stay safe, stay informed, and see you in the next edition of 'ONSEC Cyber Daily'.