Welcome to the ONSEC Cyber Daily for October 24th. Today, we're diving into the escalating cyber campaign by Russian Intelligence, as reported by the Kyiv Post. Western intelligence agencies are urging organizations worldwide to stay vigilant. In the UK, the National Cyber Security Centre (NCSC) is offering a free early warning service to help organizations stay ahead of potential cyber threats. Meanwhile, the Australian Cyber Security Centre (ACSC) has issued a critical alert for a vulnerability in Fortinet FortiManager devices. We'll also discuss the importance of responsible disclosure, as highlighted by The Cyber Express. Despite advances in cybersecurity, human error continues to be the single biggest vulnerability, according to ScienceAlert. We'll also cover the latest vulnerabilities and patches, including a critical zero-day vulnerability impacting Fortinet's FortiManager Network Management, and the exploitation of a high-severity FortiManager bug by hackers. In addition, we'll touch on the rise of 'Initial Access Brokering' and the growing trend of Ransomware-as-a-Service, as well as the importance of keeping your software updated to avoid risk. Finally, we'll wrap up with some insightful cybersecurity podcasts, including discussions on the importance of security awareness training, strategies for effective risk assessments, and how cybercriminals leverage disruption for maximum impact. Stay tuned for these stories and more in today's ONSEC Cyber Daily.

Exploits Alert

1. Russian Intelligence Ramps Up Global Cyber Campaign: Western intelligence agencies warn of an escalated cyber campaign by Russian intelligence. Both governmental and private organizations worldwide are urged to stay vigilant. Source: Kyiv Post
2. Exploitation of vulnerability affecting Fortinet FortiManager: The UK's NCSC warns of a vulnerability in Fortinet FortiManager. Organizations are advised to sign up for the NCSC's free Early Warning service for notifications of potential cyber threats. Source: NCSC.GOV.UK
3. Hackers Can Be Heroes: The Importance of Responsible Disclosure: Cyble's vulnerability intelligence report reveals over 30 active cyberattack campaigns, with critical threats to the Spring Java framework. The importance of responsible disclosure is highlighted. Source: The Cyber Express
4. The Single Biggest Vulnerability in Your Cyber Security Is You: Despite advances in cybersecurity, human error continues to be the biggest vulnerability. Individuals are urged to stay informed and vigilant. Source: ScienceAlert
5. 'Act now' – ACSC issues critical alert for exploited FortiManager vulnerability: The Australian Cyber Security Centre (ACSC) has issued a critical alert for a vulnerability in Fortinet FortiManager devices. Immediate action is advised. Source: Cyber Daily

Vulnerabilities & Patches

1. Samsung Software Update Vulnerability: Samsung users are advised to keep a close eye on their software update section due to a potential vulnerability. While the official CVE does not suggest active exploitation, users are encouraged to check for updates frequently. Source: PCPer
2. Cisco Vulnerabilities Patched: Cisco has patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign. Users are advised to update their systems to the latest versions. Source: Security Affairs
3. Windows Vulnerability CVE-2024-43573: A significant threat has been identified for Windows users, known as CVE-2024-43573. Users are urged to update their operating systems by October 29 to avoid risk. Source: NewsReports
4. Microsoft SharePoint RCE Flaw: A critical RCE flaw in Microsoft SharePoint has been disclosed by CISA. Users are advised to apply patches by November 12. Microsoft's September Patch Tuesday updates also address two critical security flaws. Source: Petri IT Knowledgebase
5. Google Chrome Zero-Day Exploited in 'DeTankZone' Campaign: The Lazarus group has exploited a Google Chrome zero-day, CVE-2024-4947, to steal cryptocurrency. Google has recently patched new security vulnerabilities, and users are advised to update their browsers. Source: SOCRADAR

Podcasts

1. SmartCitiesWorld contributes to global cybersecurity report: This podcast episode discusses the contribution of SmartCitiesWorld to a global cybersecurity report. The episode features Mesfer Almesfer, a chief information security officer, discussing urban solutions. Source: SmartCitiesWorld
2. Multi-Site Mastery: Strategies for Effective Risk Assessments: In this episode of The Security Podcasts, Mark Landry, National Accounts Director at AMAROK, discusses strategies for navigating multi-site risk assessments. Source: Security Magazine
3. The Importance of Security Awareness Training: Terranova Security: This episode features Dane Boyd, a lead security awareness consultant at Fortra's Terranova Security, discussing the importance of security awareness training. Source: SourceForge Podcast
4. Mastering GRC: cybersecurity, risk, and compliance essentials: This podcast episode from Interesting Engineering discusses the essentials of cybersecurity, risk, and compliance. Source: Interesting Engineering
5. Defending Against What Criminals Know About You - CISO Series: This episode from the CISO Series discusses strategies for defending against what criminals know about you. Source: CISO Series

Final Words

And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We've covered a lot of ground, from the ramping up of global cyber campaigns by Russian Intelligence to the critical vulnerabilities affecting Fortinet FortiManager. We've also highlighted the importance of responsible disclosure and the role of human error in cybersecurity. Remember, the cyber world is ever-evolving, and staying informed is your first line of defense. We encourage you to share this newsletter with your friends and colleagues so they too can stay one step ahead of cyber threats. In tomorrow's edition, we'll bring you more updates from the world of cybersecurity. Until then, stay safe and stay informed. Remember, in the world of cybersecurity, knowledge is power. Share that power with others. See you tomorrow!