Cyber Daily 10/22: Veeam Ransomware Exploits, ScienceLogic Vulnerability Alert, FortiManager's Security Gap, VMware's vCenter Server Patch Snag
Welcome to the ONSEC Cyber Daily for October 22nd. Today, we're diving into a flurry of cybersecurity updates and vulnerabilities that have been making waves in the tech world. First up, we're looking at the critical Veeam CVE that's being actively exploited in ransomware attacks. As the cyber threat landscape continues to evolve, it's crucial to stay ahead of the curve and ensure your systems are protected.
Next, we're turning our attention to CISA's recent addition of the ScienceLogic SL1 Unspecified Vulnerability to the KEV Catalog. This move aims to alert users about potential threats and encourage proactive measures. In other news, Microsoft has issued a stern warning to its users: update your PC within 10 days or stop using it. The latest vulnerability, CVE-2024-43573, has raised alarm bells across the cybersecurity community. Meanwhile, FortiManager seems to have closed a security gap that was previously attacked, and VMware has released another security update for a critical vCenter Server remote code execution vulnerability. We're also covering a new CVE discovered on Zyxel's USG FLEX H products by Red Hot Cyber's HackerHood, and a critical flaw in ScienceLogic SL1. In our podcast corner, we're featuring episodes that explore the growing harms of marijuana, the role of AI in accelerating cybersecurity, and how law firms can stay ahead of digital hackers.
Finally, we're wrapping up with a look at the future of cybersecurity with insights on AI-evolved SOCs and proactive defenses. Stay tuned for these stories and more in today's ONSEC Cyber Daily. Stay safe, stay updated, and stay ahead of the curve.
Exploits Alert
- Critical Veeam CVE actively exploited in ransomware attacks: A critical vulnerability in Veeam software is being actively exploited in ransomware attacks. The exploit allows attackers to gain unauthorized access and encrypt data, demanding a ransom for its release. Users are advised to update their software to the latest version to mitigate the risk. Source: Cybersecurity Dive
- CISA Adds ScienceLogic SL1 Unspecified Vulnerability to KEV Catalog: The Cybersecurity and Infrastructure Security Agency (CISA) has added an unspecified vulnerability in ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog. The addition aims to alert users to the potential risk. Source: Cybersecurity News
- Microsoft Windows Deadline—10 Days To Update Or Stop Using Your PC: Microsoft has issued a warning for a vulnerability (CVE-2024-43573) in Windows 10 and Windows 11. Users have 10 days to update their systems or risk having to stop using their PCs. The vulnerability could potentially allow unauthorized access to systems. Source: Forbes
Vulnerabilities & Patches
- FortiManager Security Update: FortiManager has released an update to close a security gap that was previously exploited. The zero-day vulnerability was reportedly used by China. Users are advised to update their systems to the latest version to ensure protection. Source: Heise.
- VMware vCenter Server RCE Flaw: VMware has released another security update for CVE-2024-38812, a critical vCenter Server remote code execution vulnerability. The previous patch was ineffective, making this update crucial for system security. Source: Bleeping Computer.
- VMware vCenter Server Privilege Escalation Issue: VMware has successfully remediated a high-severity privilege escalation issue in vCenter Server, tracked as CVE-2024-38813, with the recent update. Users are encouraged to apply the patch promptly. Source: ChannelE2E.
- Zyxel USG FLEX H Vulnerability: A new CVE has been discovered in Zyxel USG FLEX H firewalls by HackerHood of Red Hot Cyber. The vulnerability could potentially lead to privilege escalation. Users are urged to install the patches immediately. Source: Red Hot Cyber.
- Critical Flaw in ScienceLogic SL1: A critical vulnerability, CVE-2024-9537, has been identified in ScienceLogic SL1. There is currently no evidence of exploitation, but users are strongly advised to apply patches or updates immediately to mitigate the risk. Source: The Cyber Express.
Podcasts
- Who Knows What Evil Lurks in the Heart of Low-Code/No-Code? (LIVE in Los Angeles): This episode of the CISO Series Podcast, hosted by David Spark and Sasha Pereira, explores the potential security risks associated with low-code/no-code solutions. Source: CISO Series
- How AI Can Accelerate Cybersecurity: This episode of Smart Talks discusses how artificial intelligence can be leveraged to enhance cybersecurity measures. The content does not necessarily represent IBM's positions, strategies, or opinions. Source: iHeart
- How Can Your Law Firm Stay Ahead of Digital Hackers? with Jonathan Steele: This episode on Counsel Cast discusses cybersecurity strategies tailored for law firms to stay ahead of digital hackers. Source: Legal Talk Network
- Hacked Robot Vacuums, Secret Printer Tracking Dots: Episode 351 of this podcast explores an unusual incident where robot vacuums were hacked to shout obscenities, exposing significant IoT vulnerabilities. Source: Security Boulevard
- How next-gen SOCs will shape the future of cybersecurity: This episode dives into the future of cybersecurity, discussing AI-evolved Security Operations Centers (SOCs) and proactive defenses. Source: EY - India
Final Words
And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We've covered everything from critical CVEs being exploited in ransomware attacks to the latest updates on vCenter Server vulnerabilities. We hope you found this information valuable and actionable. Remember, cybersecurity is not a one-man show. It's a collective effort. So, don't keep this knowledge to yourself. Share this newsletter with your friends and colleagues to keep them in the loop. Let's work together to create a safer digital world. Stay vigilant, stay updated, and stay secure. Until next time, this is your trusted source for all things cybersecurity, signing off.