Cyber Daily 12/5: FBI and CISA Warn of Text Message Vulnerabilities, China's 'Salt Typhoon' Cyber Threat, CyberPanel and Zyxel Firewall Flaws, SAP and Mitel Software Vulnerabilities
Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we dive into the alarming warnings issued by the FBI and CISA about the vulnerability of text message data and the urgent need to use encrypted apps. This comes in the wake of recent cyberattacks linked to "Salt Typhoon," a threat actor associated with China's Ministry of Public Security. We also explore the latest vulnerabilities in CyberPanel, North Grid, ProjectSend, and Zyxel Firewalls, and the critical flaws in SAP BusinessObjects software. As cyber threats continue to evolve, we look at how the Shadowserver Foundation is helping network defenders with free intelligence feeds. In the hardware sector, we discuss the warnings issued by Japan's CERT on zero-day vulnerabilities in IO-Data routers and the active exploitation of flaws in Zyxel, ProjectSend, and CyberPanel. We also cover the latest patches and updates for Mitel MiCollab, Zyxel, and Veeam software. Finally, we delve into the world of podcasts, discussing the outlook for tech jobs in 2025, the challenges of making AI safe and efficient, and the end of MATRIX. Stay tuned for all this and more in today's ONSEC Cyber Daily. Stay safe, stay informed.
Exploits Alert
- FBI Issues Alarming Warning About Text Message Data Following Cybersecurity Hack: The FBI has issued a warning about the vulnerability of text messages sent between iPhones and Android devices. Officials suggest using encrypted messaging for sensitive communications. Source: mlive.com
- CISA Warns Of CyberPanel, North Grid, ProjectSend & Zyxel Firewalls Flaws Exploited In Wild: CISA has issued a warning about a vulnerability in CyberPanel that allows attackers to bypass authentication and execute commands. Other systems, including North Grid, ProjectSend, and Zyxel Firewalls, are also reported to have exploitable flaws. Source: cybersecuritynews.com
- SAP BusinessObjects Software Vulnerability | CVE-2024-41730: A security alert has been issued for a vulnerability in SAP BusinessObjects software. The official bulletin requires authentication for access. Source: stormshield.com
- CISA Adds Critical Flaws to Known Exploited Vulnerabilities: CISA has added new critical flaws to its list of known exploited vulnerabilities. The National Crime Agency (NCA) and its partners are working to combat not just money laundering but the broader ecosystem of violence and cybercrime. Source: thecyberexpress.com
- Japan's CERT Issues Warning on Zero-Day Vulnerabilities in IO-Data Routers: Japan's Computer Emergency Response Team (CERT) has issued a warning about zero-day vulnerabilities in IO-Data routers. The alert highlights the need for increased vigilance in the face of expanding attack surfaces. Source: vulnera.com
Vulnerabilities & Patches
- Mitel MiCollab Zero-Day Vulnerability: A zero-day vulnerability in Mitel's MiCollab platform allows attackers to bypass authentication. The vulnerability, CVE-2024-41713, was patched in October. However, an arbitrary file read zero-day is yet to be patched. Source: Help Net Security, Cybersecurity News, watchTowr Labs.
- Zyxel, ProjectSend, CyberPanel Vulnerabilities: Critical vulnerabilities in Zyxel, ProjectSend, and CyberPanel are being actively exploited. The vulnerability in Zyxel, CVE-2024-51378, has a severity score of 10/10 and allows attackers to bypass authentication and execute arbitrary commands. Patches for CVE-2024-52564 have been made available. Source: TechRadar, The Hacker News.
- ChatGPT Next Web Vulnerability: A vulnerability in ChatGPT Next Web, CVE-2023-49785, allows attackers to exploit the endpoint to perform Server-Side Request Forgery (SSRF). Users are advised to update the software to version 2.12 and configure the network to block unauthorized access. Source: GBHackers.
- Samsung December 2024 Patch: Samsung has listed the security fixes for its December 2024 patch before rollout. The patch includes a fix for the vulnerability CVE-2024-38402. Source: MSN.
- Veeam VSPC Vulnerabilities: Veeam has discovered critical vulnerabilities in its VSPC server, including CVE-2024-42449 and CVE-2024-42448. The former could leak an NTLM hash of the VSPC server, while the latter allows remote code execution on the server. Users are urged to update their systems. Source: Dark Reading, SC Media, Hackread.
Podcasts
- Podcast: What is the outlook for tech jobs in 2025? - Computerworld: This podcast discusses the future of tech jobs, focusing on the hiring trends and the skills that will be in demand in 2025. It provides valuable insights for IT professionals planning their career paths. Source: Computerworld
- Vulnerability Management ≠ Vulnerability Discovery - CISO Series: This episode explores the difference between vulnerability management and vulnerability discovery, emphasizing the importance of a proactive approach in cybersecurity. Source: CISO Series
- Capt. Grace Hopper on Future Possibilities: Data, Hardware, Software, and People (Part Two, 1982) - No Such Podcast: Part two of a series featuring Capt. Grace Hopper, this episode delves into the future possibilities of data, hardware, software, and people in the field of computer science. Source: NSA
- The Challenges of Making AI Safe and Efficient - Jonas Geiping // Cyber Valley Podcast #2: This podcast discusses the challenges of making AI safe and efficient, featuring insights from Jonas Geiping. It provides a deep dive into the complexities of AI and cybersecurity. Source: IDW Online
- Ahead of the Threat Podcast: Episode Four - Wendi Whitmore - YouTube: In this episode, Wendi Whitmore discusses the importance of staying ahead of cyber threats. The podcast provides insights into the FBI's approach to cybersecurity. Source: YouTube
Final Words
And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We hope you found these updates informative and helpful in staying ahead of the curve in this ever-evolving cyber landscape. Remember, the first line of defense against cyber threats is awareness and preparedness. If you found this newsletter beneficial, we encourage you to share it with your friends and colleagues. Let's work together to create a safer digital world. Stay tuned for tomorrow's edition, where we'll bring you more exclusive updates from the world of cybersecurity. Until then, stay safe and secure!