Cyber Daily 1/2: CISA Warns of PAN-OS Vulnerability, Google Chrome Users Alerted, Critical Flaws in WhatsUp Gold and PRTG Monitor, Windows LDAP RCE Exploit Released

Welcome back from the holidays, everyone! We hope you had a fantastic break and are ready to dive into the latest cybersecurity developments. In today’s issue of ONSEC Cyber Daily, we’re starting off with a critical warning from CISA regarding an exploited vulnerability in PAN-OS versions—expertly covered by Samiksha in her latest article on The Cyber Express. Next, Google Chrome users should remain on high alert, as the government warns of serious security flaws that could leave systems open to cyberattacks. We’ll discuss the steps you can take to protect yourself. We’re also examining critical vulnerabilities in Progress WhatsUp Gold and Paessler PRTG Network Monitor. While a security patch is available for WhatsUp Gold, no patch is on the horizon for PRTG Network Monitor, leaving it exposed to potential attacks. Additionally, we’ll look into the recently released PoC exploit for a critical Windows LDAP RCE vulnerability (CVE-2024-49112), which boasts a CVSS severity score of 9.8—making it a formidable threat. Finally, we’ll explore the current state of cybersecurity in the healthcare sector and recap the latest episodes from popular cybersecurity podcasts. Stay tuned for insights into how well the healthcare industry is tackling cybersecurity, the crucial role of CISOs in managing risks, and much more. Stay safe, stay informed, and welcome back with ONSEC Cyber Daily!

Exploits Alert

  1. CISA Warning: Exploited Vulnerability in PAN-OS Versions: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in PAN-OS versions that is being exploited. Users are advised to update their systems to the latest versions to avoid potential cyberattacks. Source: The Cyber Express.
  2. Govt issues red alert for Google Chrome users: The government has issued a red alert for Google Chrome users, warning them about serious security vulnerabilities that could leave their systems exposed to cyberattacks. Users are advised to update their browsers to the latest version and follow the recommended security practices. Source: MSN.

Vulnerabilities & Patches

  1. Critical Vulnerabilities in Progress WhatsUp Gold: Two critical vulnerabilities have been identified in Progress WhatsUp Gold (CVE-2024-12108, CVE-2024-12106). Timely patching is crucial to prevent exploitation and safeguard vulnerable systems, and immediate action is recommended to mitigate the risks these vulnerabilities pose. Source: SOCRadar.
  2. No security patch in sight: Paessler PRTG Network Monitor vulnerable to attack: A high-risk vulnerability (CVE-2024-12833) has been discovered in the web interface of Paessler PRTG Network Monitor by security researchers from Trend Micro. As of now, no security patch is available, leaving the system exposed to potential attacks. Source: Heise.
  3. PoC Exploit Released for Critical Windows LDAP RCE Vulnerability: A proof-of-concept exploit for a critical Windows LDAP RCE vulnerability (CVE-2024-49112) has been released. The flaw, disclosed by Microsoft on December 10, 2024, during its Patch Tuesday update, carries a CVSS severity score of 9.8, indicating its high risk. Source: Cyber Security News.
  4. LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112: SafeBreach Labs has published the first proof-of-concept exploit for a high-risk vulnerability (CVE-2024-49112) disclosed during Microsoft's Patch Tuesday update. The vulnerability has been given a CVSS severity score of 9.8 out of 10, indicating its critical nature. Source: Security Boulevard.

Podcasts

  1. Is Healthcare Doing Anything Well in Cybersecurity: This podcast episode discusses the current state of cybersecurity in the healthcare sector. It explores the challenges faced by healthcare IT in ensuring data security and compliance, and whether the industry is doing enough to address these issues. Source: Healthcare IT Today.
  2. CISOs DO Own the Risk: The CISO Series Podcast episode emphasizes the role of Chief Information Security Officers (CISOs) in managing cybersecurity risks. It also introduces the Conversant Group, the world's first civilian cybersecurity force. Source: CISO Series.
  3. Cybersecurity News: US soldier arrested, Election interference sanctions, RI data leak: This episode of Cyber Security Headlines discusses recent cybersecurity news, including the arrest of a U.S. soldier, election interference sanctions, and a data leak in Rhode Island. Source: CISO Series.
  4. FLOSS Weekly Episode 814: The Banksy Situation: This episode of FLOSS Weekly discusses the "Banksy Situation" and its implications for the Cyber Resilience Act. It explores the responsibilities of commercial product users in meeting the act's requirements. Source: Hackaday.

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. We hope you found our coverage of the latest cyber threats, vulnerabilities, and security updates informative and enlightening. Remember, in the digital world, knowledge is your best defense. From the CISA warning about exploited vulnerabilities in PAN-OS versions to the red alert for Google Chrome users, it's clear that the cyber landscape is constantly evolving. And with no security patch in sight for certain systems, it's more important than ever to stay informed and vigilant. We also hope you enjoyed our featured articles and podcasts, offering insights into the state of cybersecurity in healthcare and the role of CISOs in managing risk. If you found our newsletter helpful, please consider sharing it with your friends and colleagues. After all, cybersecurity is a shared responsibility. Let's work together to create a safer digital world. Stay safe, stay informed, and see you in the next edition of ONSEC Cyber Daily.
