Cyber Daily 1/7: Microsoft, Samsung Patch Critical CVEs, New Steganography Malware Hits Firms, OpenSSH Vulnerability Exploited, 3M WordPress Sites at Risk
Welcome to today's issue of ONSEC Cyber Daily! We're diving into the world of cybersecurity, where vulnerabilities and patches are the talk of the town. As the minister warns, we need to work diligently to ensure the security of our people and critical infrastructure, highlighting the importance of addressing cyber vulnerabilities. In the tech world, Samsung has released its January 2025 security patch, addressing numerous critical and high-level CVEs. Meanwhile, a sneaky new steganography malware is exploiting Microsoft Word, affecting hundreds of firms worldwide. But don't worry, a patch for this vulnerability has been around for a while. We also delve into the recent exploits of Windows LDAP and OpenSSH vulnerabilities, and the release of a PoC for a critical privilege escalation vulnerability affecting Microsoft Windows. In addition, a popular open source vulnerability scanner, Nuclei, was forced to patch a worrying security flaw. In the realm of WordPress, a plugin vulnerability exposes 3 million websites to injection attacks. We also bring you the latest from the podcast world. Tune in to APDR Podcast Episode 77 for insights on data security solutions, and don't miss the Cyber Security in the Maritime Sector episode for what you need to know now. As we wrap up, we touch on China's shadow over U.S. telecom networks and the latest episodes from various cybersecurity podcasts. Stay tuned, stay informed, and most importantly, stay secure with ONSEC Cyber Daily.
Exploits Alert
- SmartScreen Defense Bypass: Cybercriminals have found a way to bypass SmartScreen defenses, potentially enabling them to distribute malware. This vulnerability has been present for approximately 85 days. Source: here.
- LDAPNightmare - CVE-2024-49113: A Denial of Service vulnerability in Windows Lightweight Directory Access Protocol (LDAP), also known as LDAPNightmare, is causing domain controllers to crash and reboot by targeting the Local Security Authority Subsystem Service (LSASS). Source: here.
- Minister Downplays PPP's Coalition Exit Warning: The minister stressed the importance of diligent work to ensure the security of people and critical infrastructure, noting that cyber vulnerabilities could pose significant risks. Source: here.
- Chinese APT Exploits BeyondTrust Vulnerability: A Chinese Advanced Persistent Threat (APT) group has exploited a vulnerability in BeyondTrust to breach U.S. Treasury Systems. Source: here.
- Assam's Morigaon Police Crack Down on Major Cybercrime Racket: The Morigaon Police in Assam have cracked down on a major cybercrime racket, leading to the arrest of 11 scammers. Source: here.
Vulnerabilities & Patches
- Samsung January 2025 Security Patch Details Released: Samsung has released its January 2025 security patch, addressing 5 critical and 24 high-level CVEs. One CVE was already covered in previous updates. Source: SammyFans
- A sneaky new steganography malware is exploiting Microsoft Word: A new steganography malware is exploiting Microsoft Word, affecting hundreds of firms worldwide. A patch for the exploited CVE-2017-1182 vulnerability is available. Source: MSN
- Remotely Exploitable LDAP Flaws in Windows: A proof-of-concept exploit for CVE-2024-49113, a remotely exploitable LDAP flaw in Windows, has been released by SafeBreach. Source: GovInfoSecurity
- Popular open source vulnerability scanner Nuclei forced to patch worrying security flaw: Nuclei, a popular open-source vulnerability scanner, has patched a high-severity bug tracked as CVE-2024-43405. Source: TechRadar
- WordPress Plugin Vulnerability Exposes 3 Million Websites to Injection Attacks: A critical vulnerability in the popular UpdraftPlus: WP Backup & Migration Plugin has been identified, potentially impacting over 3 million websites. Source: GBHackers
Podcasts
- APDR Podcast Episode 77 with host Kym Bergmann: In this episode, host Kym Bergmann discusses a strategic agreement between Leonardo and Arbit Cyber Defence Systems, a Danish company specializing in data security solutions. Source: Asia Pacific Defence Reporter
- Cyber Security in the Maritime Sector - What You Need to Know Now: This podcast episode focuses on the importance of cybersecurity in the maritime sector. It also features the Fascinated by Shipwrecks Podcast, Episode 4: Combing the Deep off the BC Coast. Source: Marine Link
- China's shadow over U.S. telecom networks - CyberWire: This episode discusses the influence of China over U.S. telecom networks. The host, Dave Bittner, is a security podcast host and one of the founders at CyberWire. Source: CyberWire
- Podcaster Shawn Ryan Apologizes After Matthew Livelsberger Email Episode: In this episode, podcast host Shawn Ryan apologizes after sharing an email allegedly written by Matthew Livelsberger. Source: Newsweek
- Thanksgiving Gratitude & Job Hunt Updates for Episode 3 of The Unemployed: This episode of the Techstrong.tv Podcast provides updates on job hunting and expresses gratitude during the Thanksgiving season. Source: Security Boulevard
Final Words
And that's a wrap for today's edition of ONSEC Cyber Daily. We hope you found these updates informative and valuable. Remember, in the world of cybersecurity, knowledge is power. The more we know, the better we can protect ourselves and our organizations. In the spirit of community and shared security, we encourage you to pass this newsletter along to your friends and colleagues. Let's work together to stay one step ahead of the threats. After all, cybersecurity is not just an IT issue, it's a human issue. Stay safe, stay informed, and we'll see you in the next edition of ONSEC Cyber Daily.