Cyber Daily 11/16: Microsoft Halts Security Updates, DEEPDATA Malware Targets Fortinet, GeoVision Devices Exploited by Botnet, Palo Alto Faces Multiple Exploits
Welcome to the ONSEC Cyber Daily, your daily dose of cybersecurity news and updates. Today, we're diving into a series of critical developments that have been making waves in the cybersecurity landscape. First up, Microsoft has hit pause on its November 2024 Exchange Security Updates due to email delivery issues, a move that has left many organizations on edge. Meanwhile, the DEEPDATA Malware is exploiting an unpatched Fortinet flaw to steal VPN credentials, prompting urgent warnings for Fortinet users to stay alert. In other news, Microsoft is enhancing its CVE releases with machine-readable files, a significant step towards simplifying vulnerability management. However, the cybersecurity threats persist, with GeoVision devices being exploited by a botnet to install the notorious Mirai Malware. On the brighter side, ethical hackers are stepping up to help Howard County ward off cybercriminals, highlighting the importance of proactive defense against cyber threats. But the battle is far from over, as Palo Alto Networks grapples with a recently discovered vulnerability affecting its firewall, and the company is warning customers of hackers' exploitation attempts. In the world of patches and updates, Microsoft, Palo Alto Networks, and GitLab have been busy fixing vulnerabilities, while Fortinet has patched a VPN app flaw that could give rogue users a privilege boost. Finally, don't miss out on our podcast recommendations for the day, featuring insights from Contrast CISO David Lindner, an interesting take on what cybersecurity can learn from Tom Brady, and an in-depth discussion on the real concerns about cybersecurity. Stay tuned, stay updated, and most importantly, stay secure with ONSEC Cyber Daily.
Exploits Alert
- Microsoft Halts November 2024 Exchange Security Updates Due to Email Delivery Issues: Microsoft has temporarily suspended its November 2024 Exchange security updates due to issues with email delivery. The company is working to resolve the problem and will resume updates once the issue is fixed. Source: vulnera.com
- DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials: Cybersecurity experts have issued a warning about DEEPDATA malware, which is exploiting an unpatched Fortinet flaw to steal VPN credentials. Fortinet users are advised to remain vigilant. Source: thehackernews.com
- GeoVision Devices Exploited by Botnet to Install Mirai Malware: Taiwan's CERT has issued a warning about a vulnerability in GeoVision devices that is being exploited by a botnet to install Mirai malware. This is a resurgence of China's Volt Typhoon Botnet, a persistent cybersecurity threat. Source: vulnera.com
- Ethical Hackers To Help Howard County Ward Off Cybercriminals: Howard County is employing ethical hackers to help ward off cybercriminals. When a vulnerability is found and publicly disclosed, it alerts everyone, including cybercriminals, to the vulnerability. Source: patch.com
- Palo Alto Networks PAN-OS management interfaces under attack: Cybersecurity company Palo Alto Networks is warning customers that hackers are attempting to exploit a recently discovered vulnerability affecting their PAN-OS management interfaces. Source: techtarget.com
Vulnerabilities & Patches
- Fortinet Patches VPN App Flaw: Fortinet has patched a vulnerability in its VPN app that could potentially allow rogue users or malware to gain increased privileges. The flaw has been assigned CVE-2024-50564, though an official security alert has not yet been issued. Source: Headtopics
- Microsoft Adds Machine-Readable Files to CVE Releases: Microsoft is enhancing its CVE information by adding a new standard machine-readable format. This will streamline the process of understanding and addressing vulnerabilities. Source: MSSP Alert
- November Patch Tuesday Includes Three Windows Zero-Day Fixes: Microsoft has updated a CVE twice in the same week, indicating a publicly disclosed vulnerability that requires immediate attention. The Patch Tuesday for November includes fixes for three Windows zero-day vulnerabilities. Source: Computerworld
- Palo Alto Networks' Customer Migration Tool Vulnerabilities: Palo Alto Networks' customer migration tool has been hit by a trio of CVE exploits. The company advises customers unable to immediately update the software to turn off the tool. The vulnerabilities have been fixed in the latest update. Source: Cybersecurity Dive
- GitLab Fixes Critical Kubernetes Agent Takeover Vulnerability: GitLab has patched a critical vulnerability that could allow for the takeover of Kubernetes agents. The vulnerabilities addressed in the latest GitLab update range in severity from CVSS 5.3 to CVSS 8.5. Source: Gridinsoft
Podcasts
- Cybersecurity Insights with Contrast CISO David Lindner: This episode features an insightful discussion with Contrast CISO David Lindner, focusing on the latest cybersecurity trends and challenges. Source: Security Boulevard
- One tap, total access: Pegasus exploits unveiled: This podcast reveals the extent of spyware infections, as unveiled in unredacted court filings from WhatsApp's 2019 lawsuit against NSO Group. Source: CyberWire
- Executive Perspectives, Episode 3, Bobby Mehta: This episode features a conversation with Bobby Mehta, discussing executive perspectives on cybersecurity. Source: Security Boulevard
- What Cybersecurity Can Learn from Tom Brady: This unique episode draws parallels between cybersecurity and the strategies of football star Tom Brady. Source: iHeart
- The Right Track Podcast Series, Episode 11 - Infrastructure Revolution: This episode features a conversation with Serge Maillet, discussing the revolution in infrastructure and its implications for cybersecurity. Source: Global Railway Review
Final Words
And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We hope you found our insights valuable and actionable. Remember, the world of cybersecurity is ever-evolving, and staying informed is your first line of defense. If you found this information helpful, why not share it with your friends and colleagues? After all, cybersecurity is a shared responsibility. Let's work together to make our digital world a safer place. Stay safe, stay informed, and see you in the next edition of 'ONSEC Cyber Daily'.