Cyber Daily 10/29: Samsung's 24-Hour Update Deadline, CISA's Qualcomm Warning, Microsoft's Windows Kernel Exposed, Italian State Databases Breached

Welcome to today's issue of ONSEC Cyber Daily, where we bring you the most pressing cybersecurity news in one place. In a race against time, Samsung users are urged to update their phones within 24 hours due to a newly discovered vulnerability. The US cybersecurity agency, CISA, has added this vulnerability to its Known Exploited Vulnerability catalog, emphasizing the urgency of the situation. Meanwhile, the importance of proactive defense is underscored as we delve into how managed risk enhances vulnerability management. We also explore CISA and FBI's latest alert on cross-site scripting, urging developers to adopt secure coding practices to reduce risk. In other news, admins are urged to spring into action over the latest critical open source vulnerability. The Windows kernel is also exposed to an OS downgrade exploit, and an unfixed Windows Theme Security flaw exposes user credentials. We also discuss multiple vulnerabilities in IBM Java SDK and IBM Java Runtime, and the impact on Rational Business Developer. Plus, we look at the "return" of a Windows Themes spoofing vulnerability and how ransomware is targeting corporate networks via SonicWall VPNs. Finally, we'll touch on the latest cybersecurity podcasts, including discussions on AI, data proxies for clients of cloud service providers, and the role of third-party identities in your cybersecurity supply chain. Stay tuned for these stories and more in today's ONSEC Cyber Daily.

Exploits Alert

1. Samsung's Impossible Deadline—Update Your Phone Within 24 Hours: The US cybersecurity agency, CISA, has added CVE-2024-43047 to its Known Exploited Vulnerability catalog, warning that multiple Qualcomm chipsets are at risk. Samsung Galaxy users are urged to update their phones within 24 hours or stop using them. Source: Forbes
2. Proactive defense: How managed risk enhances vulnerability management: CyberRisk Alliance's custom content strategist, Paul Wagenseil, discusses the importance of proactive defense in managing risk and enhancing vulnerability management. The content is developed from CRA research and aligned with the most pressing cybersecurity issues. Source: SC Media
3. CISA and FBI release secure by design alert on cross-site scripting: CISA and the FBI have released guidelines on eliminating XSS vulnerabilities and adopting secure coding practices. By following these guidelines, developers can significantly reduce the risk of cyber attacks. Source: Security Intelligence

Vulnerabilities & Patches

1. Spring Framework Vulnerability: A critical vulnerability has been discovered in the Spring framework, a popular tool in the Java ecosystem. Administrators are urged to patch their systems immediately to avoid potential exploitation. Source: The Register
2. Windows Kernel Exploit: Researchers have found two privilege escalation problems in the Windows update process (CVE-2024-21302 and CVE-2024-38202). These vulnerabilities could potentially allow an attacker to downgrade the operating system. Source: TechHQ
3. Windows Theme Security Flaw: A security flaw in Windows Theme that exposes user credentials has been identified. Despite a recent patch (CVE-2024-38030) to fix a similar issue, researchers found that the update did not fully address the problem. Source: WinBuzzer
4. IBM Java SDK Vulnerabilities: Multiple vulnerabilities have been found in IBM Java SDK and IBM Java Runtime affecting Rational Business Developer. The vulnerabilities are addressed in the Oracle April 2024 Critical Patch Update, plus CVE-2023-38264. Source: IBM
5. SonicWall VPNs Ransomware Target: SonicWall VPNs are being targeted by ransomware attacks exploiting CVE-2024-40766. Federal firms are given a deadline to patch up, as the vulnerability was added to CISA's Known Exploited Vulnerabilities (KEV) catalog. Source: MSN

Podcasts

1. Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 212: Fujifilm's: This episode features a discussion with Christine Vannais from Fujifilm and her new colleague about the latest developments in the life sciences sector. Source: JD Supra
2. The AI Fix #22: Probing AI tongues and ASCII smuggling attacks: This podcast episode delves into the intricacies of AI, discussing ASCII smuggling attacks and other cybersecurity topics. The podcast has won multiple cybersecurity awards. Source: Graham Cluley
3. Lawfare Daily: David Kris on Data Proxies for Clients of Cloud Service Providers: Alan Rozenshtein and David Kris discuss the use of data proxies for clients of cloud service providers, providing insights into the legal aspects of data security. Source: Lawfare Media
4. Voices for Change with MD and Global Head of Cyber Operations at Barclays, Becky Pinkard: This episode features a conversation with Becky Pinkard, MD and Global Head of Cyber Operations at Barclays, discussing her personal stories and commitment to DE&I. Source: Allen & Overy
5. Executive Session, Episode 4: George Casey, Allan Grafman and Rob Lyman: This tech-centric episode explores two aspects of AI as well as cybersecurity essentials, providing insights for directors and boards. Source: Directors & Boards

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. We've covered a lot of ground, from Samsung's urgent update deadline to the latest vulnerabilities and patches. Remember, in the world of cybersecurity, staying informed is your first line of defense. If you found this newsletter helpful, why not share it with your friends and colleagues? Let's spread the knowledge and keep our networks secure. Stay safe, stay updated, and see you in the next edition of ONSEC Cyber Daily. Until then, keep those systems patched and those firewalls high.