Welcome to the ONSEC Cyber Daily for November 13th. Today, we're diving into a whirlwind of cybersecurity updates that have been making waves across the globe. From the surge in 'zero-day' cyberattacks warned by the Feds to the critical vulnerabilities actively exploited, the cyber landscape is buzzing with activity. In the retail sector, the holiday season brings not just cheer but also cybersecurity vulnerabilities. Meanwhile, the MSSP market is gearing up with the latest November Patch Tuesday updates. Microsoft has been busy patching up, addressing four zero-days and a whopping 91 flaws. But it's not just Microsoft, Chrome users, all 3.2 billion of them, have a new warning to heed with 12 new vulnerabilities confirmed. The UK and its allies are on high alert, warning of cyber attack vulnerabilities. The Cybersecurity and Infrastructure Security Agency has also released its advisory outlining the top 15 exploited vulnerabilities in 2023. In the world of patches, November Patch Tuesday has everyone's plate loaded. From Microsoft fixing dozens of security flaws in Windows and Office to D-Link deciding not to patch 60,000 older modems, it's a mixed bag. And finally, we have some interesting podcast episodes for you to tune into, covering topics from quantum revolutionizing PNT and RF sensing to the workings of the Gamaredon APT group. Stay tuned for more updates and remember, stay safe in the cyber world.

Exploits Alert

1. API Threats: The increasing use of APIs has led to a rise in associated threats. Cybercriminals are exploiting these interfaces to gain unauthorized access to sensitive data. Businesses are advised to implement robust security measures to protect their APIs. Source: MSSP Alert
2. Rise in 'Zero-Day' Cyberattacks: Federal authorities have warned of a significant increase in 'zero-day' cyberattacks. These attacks exploit previously unknown vulnerabilities, making them particularly difficult to defend against. Source: Consumer Affairs
3. Microsoft November 2024 Patch Tuesday: Microsoft has fixed four zero-day vulnerabilities and 91 other flaws in its latest Patch Tuesday update. Users are urged to install these patches immediately to protect their systems. Source: Bleeping Computer
4. UK and Allies Warn of Cyber Attack Vulnerabilities: The UK and its international allies have issued an alert about an increase in cyber attackers exploiting previously unknown vulnerabilities. The alert emphasizes the importance of staying updated on the latest security patches. Source: ADS Advance
5. New Chrome Warning for 3.2 Billion Users: Google has issued a warning for all Chrome users due to 12 new vulnerabilities. Users are advised to update their browsers immediately to mitigate the risk. Source: Forbes

Vulnerabilities & Patches

1. Fortinet secures FortiOS, FortiAnalyzer and FortiClient: Fortinet has patched vulnerabilities in FortiOS, FortiAnalyzer, and FortiClient. The most critical flaw (CVE-2024-36513) in FortiClient for Windows could allow attackers to escalate their rights in the system using LUA auto-patch scripts. Source: heise online
2. Microsoft's November 2024 Patch Tuesday: Microsoft has addressed close to a hundred issues in November's Patch Tuesday, including six zero-day vulnerabilities in Windows (CVE-2024-43451). Users are advised to update their systems immediately. Source: PCWorld
3. HPE Aruba Networking Access Point flaws addressed: HPE has released critical patches for CVE-2024-42509 and CVE-2024-47460 in Aruba Access Points, addressing vulnerabilities that could allow remote attackers to take control of the affected system. Source: SC Media
4. D-Link won't patch older modems: D-Link has decided not to patch 60,000 older modems, leaving them vulnerable to attacks. One of the unpatched vulnerabilities (CVE-2024-11068) allows threat actors to change passwords through privileged API access. Source: TechRadar
5. High-Severity Vulnerabilities Patched in Zoom, Chrome: Google and Zoom have patched high-severity vulnerabilities in their products. The second flaw in Zoom, tracked as CVE-2024-45419, is an improper input validation issue that can be exploited over the network. Source: SecurityWeek

Podcasts

1. i-PRO CEO Talks North America, Acquisitions, and the Road Ahead for Integrators: In this podcast, Paul Rothman interviews Masato Nakao, CEO of i-PRO, discussing the company's future plans for integrators and partners in North America. Source: Security Info Watch
2. FSM - Fire Safety Matters Podcast - Episode 40: The Fire & Security Matters (FSM) podcast provides an independent voice for the fire, security, and risk management sectors. Source: FSM Matters
3. Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 214: This episode features a discussion with Ed Hernandez, who oversees drug product manufacturing, recorded at the NC Life Sciences Organization's Annual Meeting. Source: JD Supra
4. SPOTLIGHT: How quantum will revolutionise PNT and RF sensing, with DSTG's Andrew: In this special ADSTAR series, Liam Garman interviews Andrew Seedhouse, chief of space, intelligence, discussing how quantum will revolutionize PNT and RF sensing. Source: Defence Connect
5. ESET Research Podcast: Gamaredon: ESET researchers introduce the Gamaredon APT group, detailing its typical modus operandi, unique victim profile, and extensive collection of tools. Source: We Live Security

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. We've covered a lot of ground, from the latest MSSP market updates to the rise in zero-day cyberattacks and the critical vulnerabilities being actively exploited. Remember, staying informed is the first step towards staying secure. As we approach the holiday season, it's crucial to be aware of the potential cybersecurity vulnerabilities in the retail sector. Don't forget to keep an eye out for the latest patches and updates to keep your systems secure. If you found this newsletter helpful, why not share it with your friends and colleagues? After all, cybersecurity is a team sport, and we're all in this together. Stay safe, stay secure, and see you in the next edition of ONSEC Cyber Daily.