Cyber Daily 12/11: iCloud Data Vulnerability, Cleo Software Exploits, Dell Power Manager Flaw, QNAP NAS Risks, Patch Tuesday Highlights

Welcome to today's issue of ONSEC Cyber Daily! We're diving into a series of vulnerabilities that have been making waves in the cybersecurity world. First up, we're looking at a flaw in the TCC iOS Subsystem that's leaving iCloud data exposed to attackers. Then, we're shifting our focus to the active exploitation of Cleo file transfer software, a critical flaw that's currently under mass exploitation. We're also discussing a NetRise study that highlights containers as the fastest-growing yet most vulnerable cybersecurity link. In other news, Dell is urging users to update their systems immediately to fix a critical Power Manager vulnerability. We'll also be covering the ongoing exploitation of Cleo file transfer products by hackers, and the urgent updates required to address this issue. Meanwhile, new vulnerabilities in QNAP NAS are putting 6 million users at risk. In patch news, we'll be discussing the latest updates from Microsoft, Ivanti, and Cleo, as well as the critical flaws that have been addressed. Finally, we'll be touching on some interesting podcast episodes that delve into the world of cybersecurity, including discussions on cyber crimes, cyber warfare strategies, and the impact of AI on business leadership. Stay tuned for these stories and more in today's ONSEC Cyber Daily. Stay safe and informed!

Exploits Alert

  1. TCC iOS Subsystem Vulnerability Exposes iCloud Data To Attackers: A bypass in the TCC mechanism of iOS subsystems has been found to expose iCloud data to potential attackers. Because of the flaw, users are not alerted when another application tries to access their data. Source: Cyber Security News.
  2. Active Exploitation of Cleo File Transfer Software: Security firms including Huntress and Rapid7 have warned of ongoing active exploitation of vulnerabilities in Cleo's suite of managed file transfer software. Source: Cyber Daily.
  3. Critical Flaw in Cleo File-Transfer Software Under Mass Exploitation: A critical flaw in Cleo's file-transfer software is currently under mass exploitation. The company is working on a new patch and CVE as the existing patch is not providing adequate protection. Source: Cybersecurity Dive.
  4. Containers Fastest-Growing, Most Vulnerable Cybersecurity Link: A new NetRise report has identified containers as the fastest-growing yet most vulnerable link in cybersecurity. The report provides an in-depth analysis of software compositions, vulnerability risks, and non-CVE risks across various asset classes. Source: Industrial Cyber.
  5. Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability: Dell has issued an urgent update to fix a critical vulnerability in its Power Manager versions before 3.17. The vulnerability could potentially expose users to cyber threats. Source: Hackread.

Vulnerabilities & Patches

  1. Cleo Harmony, VLTrader, and LexiCom - RCE via Arbitrary File Write (CVE-2024-50623): A critical vulnerability has been identified in Cleo Harmony, VLTrader, and LexiCom, allowing for Remote Code Execution (RCE) via arbitrary file write. Users are urged to apply the patch immediately. Source: Watchtowr Labs
  2. Critical Ivanti CSA Auth Bypass (CVE-2024-11639) Patched Alongside Other High-Impact Flaws: Ivanti has patched a critical authentication bypass vulnerability (CVE-2024-11639) along with other high-impact flaws. Users are advised to update their systems as soon as possible. Source: SOC Radar
  3. Microsoft's December 2024 Patch Tuesday Addresses 70 CVEs (CVE-2024-49138): Microsoft's latest Patch Tuesday addressed 70 CVEs, including a critical vulnerability in the CLFS driver (CVE-2024-49138). Users are encouraged to apply the patches promptly. Source: Security Boulevard
  4. Three more vulns spotted in Ivanti CSA, all critical, one 10/10: Three more critical vulnerabilities have been identified in Ivanti CSA, with one scoring a perfect 10/10 on the CVSS scale. Users are advised to patch their systems immediately. Source: The Register
  5. Microsoft Office & Excel Vulnerabilities Expose Systems To RCE & Privilege Escalation: Serious vulnerabilities in Microsoft Office and Excel (CVE-2024-49059 and CVE-2024-49069) could expose systems to Remote Code Execution (RCE) and privilege escalation. Users are urged to apply the latest Patch Tuesday updates. Source: Cyber Security News

Podcasts

  1. India report: President of India calls for unity against cyber crimes and climate change: The President of India emphasizes the need for unity in the fight against cybercrimes and climate change. This podcast episode discusses the importance of cybersecurity in the modern world and the role of unity in combating these threats. Source: SBS
  2. ICYMI: Unpacking China And Russia's New Cyber Warfare Strategies: This episode delves into the new cyber warfare strategies of China and Russia. It provides insights into their tactics and the potential implications for global cybersecurity. Source: NPR
  3. The Predictive Index (PI) Caps a Breakthrough Year with Two Gold Wins at Brandon Hall: The Predictive Index celebrates a successful year with two gold wins at the Brandon Hall Group Excellence in Technology Awards and the 100th episode of their podcast. The episode discusses the company's achievements and future plans. Source: BusinessWire
  4. Taking the Pulse, A Health Care and Life Sciences Video Podcast: This podcast episode focuses on cybersecurity and privacy risks in the healthcare industry. It provides valuable insights into the challenges and potential solutions in this sector. Source: JDSupra
  5. Cybersecurity Readiness Podcast by Dr. Dave Chatterjee Reaches 10000 Downloads Globally: Dr. Dave Chatterjee's Cybersecurity Readiness Podcast has reached a milestone of 10,000 downloads across 105 countries. The podcast features over 70 episodes discussing various aspects of cybersecurity readiness. Source: Business Insider

Final Words

And that's a wrap for today's ONSEC Cyber Daily. We've covered a lot of ground, from the TCC iOS Subsystem vulnerability exposing iCloud data to attackers, to the active exploitation of Cleo file transfer software, and the urgent need for updates due to the Cleo File Transfer vulnerability. We've also touched on the fastest-growing yet most vulnerable cybersecurity link, containers, and the critical vulnerability alert for Dell Power Manager. Remember, staying informed is the first step towards ensuring your digital safety. So, don't forget to share this newsletter with your friends and colleagues to help them stay one step ahead of the cyber threats too. We'll be back tomorrow with more updates from the world of cybersecurity. Until then, stay safe and secure!