Cyber Daily 11/30: Russian 0-Click Backdoor Attack on Windows, Bank of England's Cyber Threat Warning, Chinese Cyberespionage Impact on Gov Agencies, Microsoft and Oracle's Critical Patches

Welcome to ONSEC Cyber Daily Newsletter! Stay ahead of the curve with today’s critical updates in cybersecurity. From alarming 0-click backdoor attacks targeting Windows systems to high-risk vulnerabilities in industry-critical software, the landscape of threats continues to evolve. This edition highlights the latest exploits and patches, emphasizing the urgency for robust security measures across sectors. Whether it’s the Bank of England sounding alarms on financial cyber risks or government agencies scrambling to address critical flaws, the stakes have never been higher. Read on to equip yourself with the insights and actions needed to safeguard your systems.

Exploits Alert

  1. New Windows Backdoor Warning—0-Click Backdoor Russian Cyber Attack: A new 0-click backdoor cyber attack has been confirmed by ESET, shifting the group's focus to include espionage operations for intelligence collection, alongside its conventional cybercrime activities. Source: Forbes
  2. Bank of England issues warning on cyber attacks and trade threats: The Bank of England has highlighted the vulnerability of its financial sector to cyber attacks, despite UK households, businesses, and banks appearing to be in good shape. Source: PressReader.com
  3. The Impact of Cybersecurity Vulnerabilities on Government Agencies: The reported cyberespionage activities linked to Chinese hacking groups like Earth Kasha have underscored the urgency for robust cybersecurity measures in government agencies. Source: Be3

Vulnerabilities & Patches

  1. Microsoft Takes Action Against Security Flaws Targeting Users: Microsoft has released patches for three more issues, two of which are rated as Critical and one as Important. The tech giant continues to take proactive measures to protect its users from potential security threats. Source: Evrim Ağacı.
  2. Critical ICS Vulnerabilities in Schneider Electric, mySCADA, Automated Logic: CERT-In has flagged a high-risk vulnerability (CVE-2024-21287) in Oracle Agile PLM Framework that exposes sensitive data. Users are urged to patch now to prevent data breaches. Source: The Cyber Express.
  3. Attacks on file-sharing platform ProjectSend: A known vulnerability (CVE-2024-11680) in ProjectSend, a file-sharing platform, has been exploited. The developers released a security update in May 2023, and users are advised to patch now to prevent further attacks. Source: heise online.
  4. Zyxel Firewalls Exploited in Helldown Ransomware Attacks: A critical flaw in Oracle Agile PLM Framework (CVE-2024-21287) has been exploited in Helldown ransomware attacks on Zyxel firewalls. CERT-In has flagged this as a high-risk vulnerability and urges users to patch now. Source: The Cyber Express.
  5. US government agencies told to patch critical security flaws or face attack: The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-28461 to its Known Exploited Vulnerabilities catalog. Federal agencies have been given until December 16 to patch up this bug, which is currently being exploited. Source: MSN.

Final Words

Cyber threats evolve rapidly, and staying informed is key to staying protected. If you found this edition valuable, share it with your team, colleagues, or fellow cybersecurity enthusiasts. Together, we can build a more secure digital landscape. Don’t forget to subscribe for daily updates and critical insights straight to your inbox. Stay safe, stay vigilant!