Cyber Daily 11/15: US EPA Flags Cybersecurity Risks in Water Systems, CISA Reports Rising Zero-Days, Vietnam Strengthens Cybersecurity with CISA, Palo Alto and Cisco Face Critical Vulnerabilities

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into a recent US EPA report that highlights significant cybersecurity flaws in our drinking water systems, raising concerns about potential disruptions and public health risks. We'll also be discussing CISA's annual list of top exploited vulnerabilities, revealing a worrying rise in zero-day exploits and the continued threat of Log4Shell. In international news, the Vietnam Authority of Information Security has partnered with the US CISA to bolster cybersecurity defenses and protect critical digital infrastructure. On the tech front, we're looking at a new vulnerability in Cisco ECE that could trigger a denial of service, and Palo Alto's urgent warning about hackers exploiting an RCE flaw in their firewall management interfaces. Finally, we'll be exploring the urgent call to action to protect networks from active cyber threats, including SQL injection attacks. Stay tuned for all this and more, right here on ONSEC Cyber Daily.

Exploits Alert

  1. US EPA Report on Cybersecurity Flaws in Drinking Water Systems: The US Environmental Protection Agency has identified cybersecurity flaws in drinking water systems, highlighting the potential risks of disruption to these critical infrastructures. The report emphasizes the need for improved incident reporting to better manage and mitigate these threats. Source: Industrial Cyber
  2. CISA Annual Top Exploited Vulnerabilities List: The Cybersecurity and Infrastructure Security Agency (CISA) has released its annual list of top exploited vulnerabilities, noting a rise in zero-day exploits and the continued problem of Log4Shell. The report underscores the importance of staying vigilant and up-to-date on the latest cybersecurity threats. Source: CPO Magazine
  3. Vietnam Authority of Information Security Partners with CISA: The Vietnam Authority of Information Security and US CISA have signed a Memorandum of Understanding to enhance cybersecurity and protect critical digital infrastructure. This partnership aims to strengthen cybersecurity measures and foster stronger relations between the two countries. Source: The Cyber Express
  4. Cisco ECE Vulnerability Could Trigger DoS: CERT-In has issued an alert about a high-severity vulnerability in Cisco ECE that could trigger a Denial of Service (DoS) attack. The alert emphasizes the need for immediate patching to prevent potential exploitation. Source: The Cyber Express
  5. Palo Alto Warns of Hackers Exploiting RCE Flaw in Firewall Management Interfaces: Palo Alto Networks has issued an urgent security warning about hackers exploiting a Remote Code Execution (RCE) flaw in firewall management interfaces. The company urges users to update their systems to the latest version to mitigate this vulnerability. Source: Cybersecurity News

Vulnerabilities & Patches

  1. Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors: Palo Alto Networks has confirmed a new zero-day vulnerability being exploited by threat actors. The vulnerability, yet to be assigned a CVE, is assessed as critical with a CVSS of 9.3. Palo Alto is currently working on a patch. Source: Infosecurity Magazine
  2. GitLab Fixes Critical Kubernetes Agent Takeover Vulnerability: GitLab has patched a range of vulnerabilities in its Kubernetes Agent, with severity ranging from CVSS 5.3 to CVSS 8.5. The most critical vulnerability could potentially allow for a takeover of the agent. Source: Gridinsoft
  3. WatchTowr Finds New Zero-Day Vulnerability in Fortinet Products: Security firm WatchTowr has discovered a new zero-day vulnerability in Fortinet products, identified as CVE-2024-23113. Fortinet has released a patch to address the issue. Source: Infosecurity Magazine
  4. Microsoft Released November 2024 Patch Tuesday With ~90 Fixes: Microsoft's November 2024 Patch Tuesday addressed approximately 90 vulnerabilities, the most critical being CVE-2024-43498, a critical-severity remote code execution vulnerability. Source: Latest Hacking News
  5. Critical Security Vulnerability in WordPress Really Simple Security Plugin: A critical security vulnerability, CVE-2024-10924, has been identified in the WordPress Really Simple Security plugin, affecting over 4 million websites. Source: Candid Technology

Podcasts

  1. SWE Diverse Podcast Ep 288: CHIPS Act Update With Dr. Laurie E. Locascio: This episode features Dr. Laurie E. Locascio of the U.S. Department of Commerce discussing the CHIPS Act update. The podcast also highlights the importance of cybersecurity solutions in medical practices. Source: utv.ie
  2. Your favorite security leadership podcasts: This podcast is dedicated to cybersecurity, risk, and tactics. It covers topics such as executive protection, threat intelligence, and loss prevention. The podcast also discusses hacking. Source: securitymagazine.com
  3. Improving Surveillance With AI - Security Today: In this episode, Security Today and Campus Security Today editor Brent Dirks sits down with Aaron Saks, Senior Product and Technical Manager, to discuss how AI can improve surveillance. Source: securitytoday.com
  4. PODCAST: Ransomware – a means to an end? With Sophos' Aaron Bugal - Cyber Daily: Host Liam Garman is joined by Aaron Bugal, field chief technology officer at Sophos, to unpack how ransomware is used as a means to an end. Source: cyberdaily.au
  5. Navigating the NYDFS' Cybersecurity Guidance on AI - Troutman Pepper: Chris Willis and Kim Phan discuss the latest cybersecurity guidance from the New York Department of Financial Services concerning artificial intelligence. Source: troutman.com

Wisdom from the ONSEC Founders' Vault

Lab for pentesting iOS applications. This guide provides a comprehensive step-by-step process for setting up a penetration testing lab for iOS applications, including jailbreaking devices, installing Frida and BurpSuite, and using them to analyze traffic and test the DVIA-v2 application. Source.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, we'd like to remind you that cybersecurity is not a one-man job. It's a collective effort. From the US EPA's report on cybersecurity flaws in drinking water systems to the rise of zero-day vulnerabilities, it's clear that the digital landscape is fraught with challenges. But, with cooperation like that between the Vietnam Authority of Information Security and US CISA, we can strengthen our defenses and protect our critical digital infrastructure. Remember, every click, every share, every download has the potential to impact cybersecurity. So, let's stay informed, stay vigilant, and most importantly, let's stay safe. If you found today's newsletter helpful, please consider sharing it with your friends and colleagues. Together, we can make a difference in the world of cybersecurity. Stay tuned for more updates tomorrow. Until then, keep your data safe and your systems secure.