Cyber Daily 10/28: Belgium's Leonidas Project, Critical Infrastructure Cybersecurity, CISA and FBI Alert on XSS, Philips Smart Bulbs' IoT Vulnerabilities, Microsoft Windows High Risk Warning

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we delve into Belgium's Leonidas Project and its efforts to boost national cyber resilience, a critical initiative in a world where cyber threats are a constant buzz. We also take a look at the proactive cybersecurity measures being implemented by CISA and the FBI, with a focus on their latest alert on XSS vulnerabilities. In the realm of IoT, we expose the vulnerabilities of Philips Smart Bulbs and the risks they pose to home Wi-Fi security. We also highlight CISA's recent advisories on hardware vulnerabilities in critical infrastructure equipment, and the 'high risk' warning issued for Microsoft Windows users. On the tech side, we discuss the impact of Realtek SD Card Reader Driver flaws on various laptops, and the PoC published for VMware vCenter Server RCE Vulnerability. We also uncover an OS downgrade vulnerability targeting Microsoft Windows Kernel, and the serious security holes found in some Samsung phones. In our podcast section, we feature an episode on legislating artificial intelligence, a discussion on whether patient experience is marketing or tech, and an episode on cybersecurity entrepreneurship. We also bring you the best cybersecurity practices for patient data sharing in healthcare, and explore how cybersecurity is shaping digital lending. Lastly, we take a moment to reflect on the power of consistent rehearsal in achieving cybersecurity resiliency. Stay tuned for these stories and more in today's ONSEC Cyber Daily.

Exploits Alert

  1. Belgium's Leonidas Project Boosts National Cyber Resilience: The Leonidas Project in Belgium is working to boost national cybersecurity by alerting any vulnerable organization about critical cyber issues. The project aims to ensure that organizations are prepared for potential cyber threats. Source: Infosecurity Magazine
  2. Strengthening Cybersecurity for Critical Infrastructure: The Cyber Express discusses the increasing threat of cyberattacks on critical infrastructure, emphasizing the need for strengthened cybersecurity measures. The article highlights the importance of being proactive in the face of potential cyber threats. Source: The Cyber Express
  3. CISA and FBI release secure by design alert on cross-site scripting: CISA and the FBI are focusing on proactive cybersecurity and cyber resilience measures, with a recent alert on XSS vulnerabilities. The alert is part of an effort to encourage secure design practices to prevent such vulnerabilities. Source: Security Intelligence
  4. IoT Vulnerabilities Exposed: Philips Smart Bulbs Pose Risks to Home Wi-Fi Security: Cyble Labs reports on the HeptaX campaign, a cyberattack using malicious LNK files and scripts to exploit Remote Desktop access. The report highlights the vulnerabilities in Philips Smart Lighting and the potential risks they pose to home Wi-Fi security. Source: The Cyber Express
  5. CISA issues four ICS advisories highlighting hardware vulnerabilities in critical infrastructure: CISA has issued four advisories highlighting hardware vulnerabilities in critical infrastructure equipment. The advisories aim to alert organizations to potential cyber threats and encourage proactive cybersecurity measures. Source: Industrial Cyber

Vulnerabilities & Patches

  1. Realtek SD Card Reader Driver Flaws Impact Dell, Lenovo, And Other Laptops: Two vulnerabilities have been identified in Realtek SD Card Reader Drivers, CVE-2022-25477 and CVE-2022-25478, which could potentially leak driver logs and allow unauthorized access to PCI config space. Users are advised to apply the latest patches to mitigate these risks. Source: cybersecuritynews.com
  2. PoC Published for VMware vCenter Server RCE Vulnerability CVE-2024-38812: A proof-of-concept has been published for a remote code execution vulnerability in VMware vCenter Server version 8.0U3a. The vulnerability has been patched in version 8.0U3b. Users are urged to update to the latest version to protect their systems. Source: cybersecuritynews.com
  3. Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel: Researchers have discovered two vulnerabilities, CVE-2024-21302 and CVE-2024-38202, that target the Microsoft Windows Kernel. These vulnerabilities were addressed in the August 13 and October 8, 2024 Patch Tuesday updates. Users are advised to ensure their systems are up to date. Source: thehackernews.com
  4. Some Samsung phones have serious security holes: A serious security flaw, CVE-2024-44068, has been identified in some Samsung phones. Samsung has acknowledged the issue and released a patch as part of its October security update. Users are advised to apply the update to secure their devices. Source: vietnam.vn

Podcasts

  1. Precision-Guided Podcast | Legislating Artificial Intelligence with Sunny Gandhi and Thomas Woodside: In this episode, Georgetown Security Studies student and A.I. analyst Akash Wasil discusses the legislation of artificial intelligence with Sunny Gandhi and Thomas Woodside. Source: Georgetown Security Studies Review
  2. SBA Issues Proposed Rule to Require "Rule of Two" for Orders Under Multiple Award Contracts: The Small Business Administration has proposed a rule that would expand the application of the "rule of two" for small businesses. Source: JD Supra
  3. Is Patient Experience Marketing or Tech? – Healthcare IT Today Podcast Episode 152: The 152nd episode of the Healthcare IT Today Podcast analyzes the patient experience to decide if it is marketing or tech. Source: Healthcare IT Today

Final Words

As we wrap up today's edition of 'ONSEC Cyber Daily', we hope you've found our coverage on Belgium's Leonidas Project, the vulnerabilities in IoT devices like Philips Smart Bulbs, and the latest cybersecurity alerts from CISA and FBI enlightening. We strive to keep you abreast of the most critical cybersecurity issues, from the ticking time bomb of cyberattacks on critical infrastructure to the high-risk warnings for Microsoft Windows users. Remember, in the world of cybersecurity, knowledge is power. The more we know, the better we can protect ourselves and our organizations from potential threats. So, don't keep this valuable information to yourself. Share 'ONSEC Cyber Daily' with your friends and colleagues, and let's create a safer cyber world together. Also, don't forget to tune into our recommended podcasts for more in-depth discussions on topics like legislating artificial intelligence, patient data sharing in healthcare, and the role of cybersecurity in digital lending. Thank you for being a part of our community. Stay safe, stay informed, and see you in the next edition of 'ONSEC Cyber Daily'.