Cyber Daily 10/23: Zimbra, Stormshield Vulnerability Alert, Veeam Ransomware Exploits, VMware's Patching Crisis, Bitdefender's Critical Flaws, and Cybersecurity Podcast Insights
Welcome to the ONSEC Cyber Daily for October 23rd. Today, we're diving into a whirlwind of vulnerabilities, patches, and cyber threats that have been making waves in the cybersecurity world.
We start with a critical vulnerability in the Postjournal Zimbra software suite, which has prompted a security alert from Stormshield. The vulnerability, CVE-2024-45519, is a reminder of the constant vigilance required in the cybersecurity landscape. Next, we delve into the world of ransomware attacks, with Veeam's critical CVE being actively exploited. This highlights the importance of purchasing licensing rights and staying updated on the latest vulnerabilities and cyberattacks.
VMware has been in the spotlight for having to patch a critical vCenter Server RCE flaw not once, but twice. The flaws, tracked as CVE-2024-38812 and CVE-2024-38813, affect multiple versions of vCenter, emphasizing the need for robust and effective patching strategies. Bitdefender is also on the patching bandwagon, addressing vulnerabilities in its Total Security suite. Meanwhile, the Spring Framework has released an update to fix the CVE-2024-38819 vulnerability, which could potentially enable attackers to exploit HTTP requests. In other news, the Cybersecurity and Infrastructure Security Agency (CISA) has added a 0-Day from the Rackspace Breach, CVE-2024-9537, to its KEV Catalog, urging immediate patching.
Finally, we wrap up with a look at the latest cybersecurity podcasts, discussing everything from the point of regulation in CIO's "Free the CISO" series to the growing cyber threat to the energy sector. Stay tuned for more updates and remember, knowledge is power in the fight against cyber threats. Stay safe, stay informed with ONSEC Cyber Daily.
Exploits Alert
- Postjournal Zimbra Vulnerability | CVE-2024-45519 - Stormshield: Stormshield has issued a security alert on CVE-2024-45519 in the Zimbra software suite, covering Stormshield's protection against it. Users are advised to update their systems to ensure protection. Source: Stormshield
- Critical Veeam CVE Actively Exploited in Ransomware Attacks - Cybersecurity Dive: A critical vulnerability in Veeam software is being actively exploited in ransomware attacks. Users are urged to update their systems immediately to mitigate the risk. Source: Cybersecurity Dive
Vulnerabilities & Patches
- Bitdefender Vulnerabilities: Bitdefender has identified a vulnerability, CVE-2023-6055, related to improper certificate validation within Bitdefender Total Security. Users are advised to patch their systems immediately due to the high CVSS score. Source: The Cyber Express
- Spring Framework Vulnerability: A new vulnerability, CVE-2024-38819, has been discovered in the Spring Framework that could potentially allow attackers to exploit HTTP requests. An update has been released to fix this vulnerability and users are urged to apply it immediately. Source: Gridinsoft
- CVE-2024-7593 Vulnerability in Ivanti Virtual Traffic Manager: A new vulnerability, CVE-2024-7593, has been identified in Ivanti Virtual Traffic Manager. This vulnerability allows an unauthenticated, remote attacker to access the vTM management interface. A patch is available and users are advised to apply it immediately. Source: cyfirma
- ScienceLogic SL1 0-Day: A critical vulnerability, CVE-2024-9537, has been identified in ScienceLogic SL1. The Cybersecurity and Infrastructure Security Agency (CISA) has officially added it to the KEV Catalog and urges users to patch their systems against this vulnerability. Source: socradar.io
- VMware vCenter Server RCE Flaw: VMware has released a second patch for a critical vCenter Server remote code execution vulnerability, CVE-2024-38812, after the first patch proved ineffective. Users of vCenter 7.0.3, 8.9.2, and 8.0.3, as well as all versions of vSphere or VMware Cloud, are advised to apply the patch immediately. Source: TechRadar
Podcasts
- How U.S. water infrastructure became a 'huge' cyber target - StateScoop: This podcast episode discusses the increasing cyber threats to the U.S. water infrastructure. Samuel Alva, a technical adviser with the Cybersecurity and Infrastructure Security Agency, shares insights on the issue. Source: StateScoop
- Middle East Escalation, Humanitarian Law and Disinformation – Episode 25 | Security Magazine: This episode from The Security Podcasts debates the Lebanon incident and its implications on humanitarian law and disinformation. Source: Security Magazine
- Episode 1: The point of regulation - CIO: The podcast series "Free the CISO" aims to help CISOs focus on securing their organization. The first episode discusses the role of regulation in cybersecurity. Source: CIO
- Healthy business cybersecurity starts with a check-up: This episode of the Insurance Speak podcast discusses the importance of regular cybersecurity check-ups for businesses to protect their data from threats. Source: PropertyCasualty360
- US Pipeline Shutdown Exposes Cyber Threat to Energy Sector - IMDb: The "WSJ Minute Briefing" podcast discusses the recent U.S. pipeline shutdown and how it exposed the cyber threat to the energy sector. Source: IMDb
Final Words
And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We've covered a lot of ground, from the latest vulnerabilities and patches to the critical role of cybersecurity in our everyday lives. Remember, staying informed is the first step towards staying secure. If you found this newsletter helpful, don't keep it to yourself. Share it with your friends, colleagues, and anyone else who could benefit from this information. Let's work together to create a safer digital world. Stay tuned for tomorrow's edition where we'll bring you more updates from the ever-evolving world of cybersecurity. Until then, stay safe and secure.