Cyber Daily 12/18: Rhode Island's Unaddressed Cybersecurity Warning, Apache Struts and Cleo Software Exploited, Hitachi Energy and BeyondTrust Patch Critical Vulnerabilities

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates and alerts you need to know. We start off in Rhode Island, where the state's social service and healthcare technology infrastructure is under attack by cybercriminals. Despite the Auditor General's repeated warnings, the legislature has yet to address these cybersecurity vulnerabilities, leaving personal information of hundreds of thousands of residents at risk.

In the software world, Apache Struts is under the spotlight with a critical flaw detected and exploitation attempts already underway. The same goes for Cleo Software, with cybercriminal organization Cl0p claiming responsibility for identifying and exploiting these vulnerabilities. Meanwhile, BeyondTrust has patched a critical vulnerability discovered during a security incident probe, and Hitachi Energy is dealing with a DoS vulnerability in its TropOS core routers and edge nodes. The FBI has issued warnings about HiatusRAT scanning campaigns targeting Chinese-made cameras and DVRs, and Dell has issued an update to correct a SQL Injection Information Disclosure Vulnerability in its Avamar Fitness Analyzer API.

In the podcast world, we have a variety of cybersecurity episodes to keep you informed and updated. From the AI Fix discussing AI on OnlyFans and the bot that wants to be a billionaire, to the CyberWire Daily Podcast discussing the cost of peeking at U.S. traffic, there's plenty to tune into. Stay safe, stay informed, and stay tuned for more updates in tomorrow's issue of ONSEC Cyber Daily.

Exploits Alert

  1. Rhode Island's Social Service and Healthcare Tech Infrastructure Attacked: Cybercriminals have targeted Rhode Island's social service and healthcare technology infrastructure. Despite previous warnings from the Auditor General, the vulnerabilities remain unaddressed. Source: GoLocalProv.
  2. Critical Apache Struts Flaw Detected: A critical flaw has been found in Apache Struts, with exploitation attempts already detected. Users are urged to patch their systems immediately to prevent potential cyber attacks. Source: The Hacker News.
  3. Rhode Island Auditor General's Cybersecurity Warnings Ignored: The Auditor General of Rhode Island has been warning the state about cybersecurity issues for years. Despite these warnings, the exact system vulnerabilities mentioned in his reports have been exploited. Source: YouTube.
  4. Personal Information of Rhode Island Residents at Risk: Governor Dan McKee has stated that the personal information of hundreds of thousands of Rhode Island residents could potentially be shared by cybercriminals due to unaddressed cybersecurity vulnerabilities. Source: WJAR.
  5. Cleo Software Vulnerabilities Exploited by Cl0p: The cybercriminal organization Cl0p has publicly claimed responsibility for identifying and exploiting vulnerabilities in Cleo software. Users are advised to patch and investigate these critical and high vulnerabilities. Source: The National Law Review.

Vulnerabilities & Patches

  1. BeyondTrust Patches Critical Vulnerability (CVE-2024-12356): BeyondTrust has patched a critical vulnerability (CVE-2024-12356) with a CVSS score of 9.8. The vulnerability is an unauthenticated command injection bug that can be exploited. Source: Security Week
  2. Unpatched Cleo Managed File-Transfer Software Vulnerabilities (CVE-2024-50623): Cleo's managed file-transfer software has multiple vulnerabilities, including CVE-2024-50623, which are being exploited by the Cl0p ransomware group. Source: GovInfoSecurity
  3. HiatusRAT Scanning Campaigns Targeting Chinese-made Cameras and DVRs (CVE-2021-33044): The FBI warns of HiatusRAT scanning campaigns targeting Chinese-made cameras and DVRs. Dahua recommends downloading a patch for the CVE-2021-33044 vulnerability. Source: Industrial Cyber
  4. Critical Apache Struts Flaw (CVE-2024-53677): A critical Apache Struts flaw (CVE-2024-53677) with a CVSS score of 9.5 enables remote code execution. A patch is now available in version 6.4.0. Source: The Hacker News
  5. Dell Avamar Fitness Analyzer API SQL Injection Vulnerability (CVE-2024-47977): An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Dell has issued an update to correct this. Source: Systemtek

Podcasts

  1. Syria Unearths Years of Atrocities - The New York Times: This podcast episode delves into the atrocities unearthed in Syria, featuring Christina Goldbaum, the Afghanistan and Pakistan correspondent. It provides an in-depth analysis of the situation in the region. Source: New York Times
  2. Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 218 - JD Supra: This episode, recorded at NC Life Sciences Organization's Annual Meeting, features John Van Hoy, Executive Director of Data Science. The discussion revolves around the intersection of healthcare, life sciences, and data science. Source: JD Supra
  3. The AI Fix #29: AI on OnlyFans, and the bot that wants to be a billionaire - Graham Cluley: This episode discusses the implications of AI on platforms like OnlyFans and the concept of a bot aspiring to be a billionaire. It's a deep dive into the intersection of AI, cybersecurity, and social media. Source: Graham Cluley
  4. Podcast - A Comprehensive Overview of FOCI Mitigation | Insights - Holland & Knight: In this episode, host Molly O'Casey and members of Holland & Knight's International Trade team discuss FOCI mitigation, providing a comprehensive overview of the topic. Source: Holland & Knight
  5. New Podcast Alert: SANS Cyber Leaders Series Offers Strategic Tools for CISOs - PRWeb: This new podcast series by SANS offers strategic tools for CISOs. The first two episodes debuted on December 13, 2024, with new episodes released weekly every Friday at 6:00 a.m. GMT. Source: PRWeb

Final Words

And that's a wrap for today's ONSEC Cyber Daily. As we've seen, the cyber landscape is ever-changing, with new vulnerabilities and threats emerging daily. From the unaddressed security warnings in Rhode Island's social service and healthcare technology infrastructure to the critical Apache Struts flaw, it's clear that cybersecurity is not a one-and-done deal. It requires constant vigilance, regular updates, and timely patching. Remember, knowledge is power. By staying informed, we can better protect our systems and data from cybercriminals. So, don't keep this valuable information to yourself. Share ONSEC Cyber Daily with your friends and colleagues. Let's work together to create a safer digital world. Also, don't forget to check out the latest episodes of your favorite cybersecurity podcasts for more in-depth discussions and insights into the world of cybersecurity. Until next time, stay safe and secure.
