Cyber Daily 1/4: BeyondTrust Exposure, Unencrypted Email Vulnerability, LDAPNightmare Exploit, Sophos Firewall Flaws


Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the deep end of cybersecurity vulnerabilities and exploits. Researchers at Censys have raised the alarm on over 8,600 exposed BeyondTrust instances, while unencrypted email servers remain a soft target for cyber sniffers. In Scotland, the Cyber Coordination Centre is ramping up its alert and response coordination efforts. Meanwhile, a new list of top 10 vulnerabilities in cybersecurity has emerged, with attackers bypassing SmartScreen defenses to distribute malware. The LDAPNightmare exploit is causing a stir, targeting a Windows LDAP flaw and causing domain controllers to crash and reboot. This flaw, along with several others, was disclosed on the Microsoft Security Response Center website. Sophos users, be warned: your firewall devices could be vulnerable to remote attacks. Make sure you're updated with the latest patches. In the podcast world, Shawn Ryan's latest episode has sparked controversy with the release of an alleged manifesto from the Cybertruck bomber. As we reflect on the diverse range of topics at the frontiers of national security, we also look ahead at what to expect from the Trump administration on cybersecurity. Finally, we wrap up with some international intrigue: Chinese hackers have penetrated the U.S. Treasury, and a Russian tanker is suspected of sabotaging undersea data cables. Stay tuned, stay informed, and stay secure with ONSEC Cyber Daily.

Exploits Alert

  1. Censys researchers warn 8,600 BeyondTrust instances still exposed: Censys researchers have issued a warning about 8,600 instances of BeyondTrust that are still exposed. This exposure could lead to breaches and cyberattacks. It is crucial for users to update their systems to avoid falling victim to these threats. Source: Cybersecurity Dive
  2. MSSP Market Update: Unencrypted Email Servers Vulnerable to Sniffing: Unencrypted email servers are at risk of being sniffed, according to the latest MSSP Market Update. This vulnerability could lead to unauthorized access to sensitive information. Users are advised to encrypt their email servers to prevent potential cyber risks. Source: MSSP Alert

Vulnerabilities & Patches

  1. SmartScreen Defense Bypass: Attackers have found a way to bypass SmartScreen defenses, which could potentially facilitate malware distribution. The average age of this vulnerability is 85 days. Source: Medium
  2. LDAPNightmare - CVE-2024-49113: This Windows Lightweight Directory Access Protocol (LDAP) Denial of Service flaw, also known as LDAPNightmare, targets the Local Security Authority Subsystem Service (LSASS), causing domain controllers to crash and reboot. Source: VULNERA, Security Newspaper, Systemtek, Security Affairs, The Hacker News

Podcasts

  1. Podcaster 'Disappearing' After Matthew Livelsberger Alleged Manifesto Shown - Newsweek: Shawn Ryan, a popular podcaster, recently released an episode featuring an alleged manifesto from the Cybertruck bomber. This controversial episode has sparked a lot of discussions and debates among the audience. Source: Newsweek
  2. The Week That Was - Lawfare Blog: In the final episode of Chatter, Shane Harris and David Priess reflect on a variety of topics at the forefront of national security. The episode provides a comprehensive overview of the current state of national security. Source: Lawfare Blog
  3. AI-powered propaganda - CyberWire: This episode discusses the U.S. sanctions on Russian and Iranian groups over election misinformation and Apple's settlement of a class action lawsuit over Siri privacy allegations. It provides an insightful look into the intersection of technology, politics, and law. Source: CyberWire
  4. Tech Tank: What To Expect From The Trump Administration on Cybersecurity | Lawfare: This episode explores how the Biden administration is addressing emerging threats by protecting critical infrastructure, disrupting threat actors, and leveraging market forces. Source: Lawfare
  5. Demystifying DORA with Simon Phillips of SecureAck and Alex Tasioulis of Cloudified.io: In this episode, Dave and Dharm demystify the Digital Operational Resilience Act (DORA) and discuss its significance for the financial sector. Source: FintechFutures

Final Words

And that's a wrap for today's ONSEC Cyber Daily! From the exposed BeyondTrust instances to the LDAPNightmare exploit, we've covered a lot of ground. Remember, cybersecurity isn't just about the big breaches and attacks; it's also about the vulnerabilities that lurk in the shadows. We hope you've found this information valuable and that it helps you stay one step ahead of the cyber threats out there. If you have colleagues or friends who could benefit from this daily dose of cybersecurity news, please share this newsletter with them. In the world of cybersecurity, knowledge is power. Let's continue to learn, share, and protect together. Stay safe and see you tomorrow for another edition of ONSEC Cyber Daily.
