Welcome to your ONSEC Cyber Daily for December 20th. Today, we're diving into a series of critical cybersecurity issues that have been making headlines. The FBI has issued a stark warning about HiatusRAT malware, a threat that's been targeting webcams and DVRs, leaving them vulnerable to cyberattacks. In other news, the Cybersecurity and Infrastructure Security Agency (CISA) is urging immediate patching of an exploited BeyondTrust vulnerability. This comes on the heels of a cyberattack on BeyondTrust's remote support SaaS instances, underscoring the urgent need for proactive security measures. Meanwhile, Trend Micro is warning of AI-driven cyber threats that could significantly impact scams and cyber operations by 2025. This prediction comes as a reminder that the future of cybersecurity is not only about dealing with present threats but also anticipating future ones. In the world of cybercrime, the admin of Raccoon Infostealer has been arrested for hacking computers, serving as a warning to cybercriminals worldwide. On the patching front, Fortinet has addressed unpatched critical RCE vectors, while BeyondTrust has patched all cloud instances following a cyberattack. However, despite patches being released for a critical flaw in a WordPress plugin, only a small number of sites have been updated, leaving many still at risk. Finally, we'll be discussing the latest cybersecurity podcast episodes, including a look back at the year in review and a look ahead at what's to come in the cybersecurity world. Stay tuned for these stories and more in today's ONSEC Cyber Daily.

Exploits Alert

1. Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns: The FBI has issued an alert about the Hiatus RAT malware that is currently targeting webcams and DVRs. Cybersecurity companies have also observed these actors using the malware. Source: Infosecurity Magazine
2. CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability: The Cybersecurity and Infrastructure Security Agency (CISA) has urged immediate patching of a vulnerability in BeyondTrust, which has been exploited. Source: SecurityWeek
3. Trend Micro Warns of AI-Driven Cyber Threats by 2025: Trend Micro has released a report predicting AI-driven cyber threats by 2025 that could significantly impact scams and cyber operations. Source: IT Brief Asia
4. Tibbo AggreGate Network Manager Vulnerability: A vulnerability in Tibbo AggreGate Network Manager has been reported to CISA by Vu Khanh Trinh of VNPT Cyber Immunity, working with Trend Micro Zero Day Initiative. Source: CISA
5. BeyondTrust Suffers Cyberattack: Remote Support SaaS Instances Breached: BeyondTrust, a cybersecurity firm, has suffered a cyberattack, with its Remote Support SaaS instances being breached. Source: VULNERA

Vulnerabilities & Patches

1. Fortinet Addresses Unpatched Critical RCE Vector: Fortinet has patched two critical vulnerabilities, CVE-2023-34990 and CVE-2023-48782, in its Wireless LAN Manager (FortiWLM). These vulnerabilities could have allowed unauthenticated remote access. Source: Dark Reading
2. BeyondTrust SaaS instances breached in cyber attack: BeyondTrust has patched a medium-severity vulnerability, CVE-2024-12686, in its cloud instances. The patch was released on Dec. 16, following a cyber attack. Source: TechTarget
3. Critical flaw in WordPress plugin exploited to install malicious software: A critical flaw, CVE-2024-9707, in a WordPress plugin has been patched. Despite the patch, only 1,800 sites have been updated, leaving many still vulnerable. Source: SC Media
4. Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2: A new vulnerability, CVE-2024-53677, in the Apache framework is causing major issues for IT teams. Patching this vulnerability is a priority. Source: Dark Reading
5. Mandiant traces Cleo file-transfer exploits back to October: Huntress warned that a patch for CVE-2024-50623, an unrestricted file upload and download vulnerability, was not offering adequate protection. Source: Cybersecurity Dive

Podcasts

1. Protect, Prepare, Prevail: Navigating A Complex Cybersecurity World: This podcast episode features Blakes lawyers discussing the latest Canadian cybersecurity issues. The conversation provides insights into the complexities of navigating the cybersecurity world. Source: Mondaq
2. PODCAST: The year in review and a look at the year ahead: In this episode of the Cyber Uncut podcast, hosts David Hollingworth and Daniel Croft review some of the biggest and most intriguing cybersecurity events of the past year and look ahead to the future. Source: Cyber Daily
3. The key to growing a cybersecurity career are soft skills: This podcast emphasizes the importance of soft skills in growing a cybersecurity career, alongside technical skills. The discussion provides valuable insights for those looking to advance in the field. Source: Security Boulevard
4. Moore's Law at 60: how it's still changing the world: This episode dives into the future of computing with Sanjay, discussing the impact of Moore's Law on cybersecurity, risk, and compliance essentials. Source: Interesting Engineering
5. This week's podcast episode: Banks are over-supervised and over-regulated: This podcast discusses the over-supervision and over-regulation of banks, including safeguards on capital, liquidity, credit exposure, market and interest rate exposure, cybersecurity, and consumer protection. Source: Consumer Finance Monitor

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, we leave you with a reminder that the cyber world is ever-evolving. The threats we face today, from the HiatusRAT malware to the BeyondTrust vulnerability, are a testament to the importance of staying vigilant and informed. Remember, cybersecurity is not just the responsibility of IT professionals but of every individual who interacts with the digital world. So, let's make it our mission to stay one step ahead of cyber threats. If you found today's newsletter helpful, please share it with your friends, colleagues, and anyone else who could benefit from this information. Let's spread the word and build a safer cyber community together. Stay safe, stay informed, and see you in the next edition of 'ONSEC Cyber Daily'.

x.com

X (formerly Twitter)

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn