Cyber Daily 10/16: GitHub Patches Critical Flaw, Muah.ai Faces Extortion Threats, Russian Cyber Campaign Threatens UK

Good morning, ONSEC Cyber Daily readers!

Today’s highlights include GitHub patching a critical Enterprise Server flaw to prevent unauthorized access and the Muah.ai breach exposing cyber vulnerabilities and leading to extortion threats. Organizations must also address exploited SolarWinds Web Help Desk vulnerabilities and stay alert to a new Russian cyber campaign. Meanwhile, CISA warns of three actively exploited vulnerabilities, and patches are rolling out for GitHub, LiteSpeed plugins, Fortinet, and Netgear WiFi Extenders. On the podcast front, discover insights on workplace violence prevention, medical device security, and building cyber-resilient cities in today’s digital world.

Stay alert, stay safe!

Exploits Alert

  1. GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access: GitHub has patched a critical flaw in its Enterprise Server that allowed unauthorized instance access. This vulnerability could have led to significant data breaches and unauthorized changes to code repositories. Source: The Hacker News
  2. The Muah.ai Data Breach – Extortion Threats And Cyber Vulnerabilities: The Muah.ai data breach has led to extortion threats and exposed cyber vulnerabilities. The incident highlights the importance of cyber-awareness among employees and the need for appropriate staff vetting. Source: Mondaq
  3. Organizations Warned of Exploited SolarWinds Web Help Desk Vulnerability: Organizations have been warned of an exploited vulnerability in SolarWinds Web Help Desk. The flaw, tracked as CVE-2024, has been exploited in the wild, posing a significant threat to users. Source: SecurityWeek
  4. Russian Intelligence Poses Threat with Cyber Campaign: Russian intelligence is posing a threat with a new cyber campaign. The actors are known for high-profile cyberattacks, including the SolarWinds supply chain compromise. Source: UK Defence Journal
  5. CISA Warns of Three Vulnerabilities Actively Exploited in the Wild: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three vulnerabilities exploited in the wild, affecting products from Microsoft, Mozilla, and SolarWinds. Source: Cyber Security News

Vulnerabilities & Patches

  1. LiteSpeed Plugin Flaw: WordPress Users Exposed To XSS Attack (CVE-2024-47374): A flaw in the LiteSpeed plugin has left WordPress users exposed to potential XSS attacks. A patch for this vulnerability was released a month after developers fixed another issue. Source: Security Boulevard
  2. GitHub Patches Critical Flaw in Enterprise Server (CVE-2024-9487): GitHub has patched a critical flaw in its Enterprise Server. The vulnerability, which has a CVSS rating of 9.5 out of 10, could allow a hacker to bypass SAML single sign-on (SSO) if exploited. Source: Candid Technology
  3. North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (CVE-2024-38178): North Korean group ScarCruft has exploited a patched Windows zero-day vulnerability to infect devices with RokRAT malware. Source: The Hacker News
  4. CISA Requires Federal Agencies to Patch Fortinet Flaw by October 30th (CVE-2024-45733): The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies patch a serious flaw in Fortinet by October 30th. The flaw affects Splunk Enterprise for Windows and could allow a low-privileged user to perform RCE due to insecure settings. Source: The CyberWire
  5. Netgear WiFi Extender Vulnerability Let Attackers Inject Malicious Commands (CVE-2024-35518): A vulnerability in Netgear's WiFi Extender could allow attackers to inject malicious commands. A patch for this type confusion vulnerability has been released. Source: Cybersecurity News

Podcasts

  1. Preventing workplace violence | Security Magazine: In this podcast episode, Kelly Johnstone, Senior Security Advisor at International SOS, discusses strategies to prevent workplace violence and ensure employee safety. Source: Security Magazine
  2. Blue Goat Cyber Launches "The Med Device Cyber Podcast" | EIN News: This new podcast by Blue Goat Cyber provides strategic insights and practical advice on medical device security, a critical area in the healthcare sector. Source: EIN News
  3. Proving physical security value across an organization | Security Magazine: Thomasina Martin, a Key Account Manager specializing in Energy and Utilities at Genetec, discusses the importance of physical security in organizations in this podcast episode. Source: Security Magazine
  4. Building cyber-resilient cities in an increasingly digital world | Smart Cities World: This podcast episode explores the importance of building cyber-resilient cities in today's digital world, discussing topics like AI, Machine Learning, data privacy, and governance. Source: Smart Cities World
  5. Podcast Recap: A Conversation with Francis D'Addario: Protecting People First and Reimaging Security | Security Info Watch: Francis D'Addario discusses the paradigm shift in security culture, all-hazards operational risk oversight, and Crime Prevention Through Environmental Design (CPTED) in this podcast recap. Source: Security Info Watch

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily! Remember, staying informed is the first step to staying secure. If you found today's newsletter helpful, why not share it with your friends and colleagues? They might appreciate the heads-up on the latest cyber threats and security news. Plus, it's a great way to start a conversation about cybersecurity and how it impacts us all. Stay safe, stay alert, and keep an eye out for tomorrow's edition of ONSEC Cyber Daily. We'll be back with more updates from the ever-evolving world of cybersecurity. Until then, keep your data secure and your systems patched. Remember, in the world of cybersecurity, knowledge is the best defense.