Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a whirlwind of cybersecurity warnings, vulnerabilities, and cyberattacks that are making headlines worldwide. First up, we have a critical warning for all Windows users. A zero-day vulnerability with no official fix has been confirmed, leaving millions of users exposed. Veteran cybersecurity writer, Davey Winder, provides an in-depth analysis of this vulnerability and the 0patch micro-patching platform. In international news, China has dismissed cyber spying claims as 'groundless frame-ups', urging countries to halt cyberattacks and refrain from using cybersecurity issues to defame China. Meanwhile, the FBI has issued a warning to iPhone and Android users about new cyberattacks, emphasizing the importance of vigilance and proactivity. In a significant crackdown on cybercrime, authorities have dismantled over 50 servers used by a criminal marketplace. This operation serves as a stern warning to cybercriminals worldwide. Tech giants Samsung and Apple have received hack alerts from CERT-In, highlighting multiple vulnerabilities in their products. Cisco users are also urged to update their software immediately to protect their devices from a dangerous flaw. In the podcast world, we have a plethora of cybersecurity insights from Contrast CISO David Lindner, discussions on overcoming AI risks and workforce challenges in cybersecurity, and a deep dive into the NTLM bug that sees and steals. Finally, we wrap up with news of a data breach at Atrium Health impacting 585,000 individuals, potentially linked to the use of online tracking tools. Stay tuned for more updates and remember, knowledge is the best defense against cyber threats. Stay safe, stay informed with ONSEC Cyber Daily.

Exploits Alert

1. New Windows Warning As Zero-Day With No Official Fix Confirmed For All Users: Veteran cybersecurity writer, Davey Winder, has reported a new vulnerability in Windows 7 to 11, with no official fix yet available. The issue is being addressed by the 0patch micro-patching platform. Source: Forbes
2. China Calls Cyber Spying Claims 'Groundless Frame-Ups' As West Issues Fresh Warning: China has dismissed allegations of cyber spying as 'groundless frame-ups' and called on countries to stop launching cyberattacks. This comes in response to a fresh warning issued by the West. Source: SCMP
3. FBI Warns iPhone and Android Users About New Cyber Attacks: The FBI has issued a warning about new cyber attacks targeting iPhone and Android users. The warning emphasizes the importance of vigilance and proactive measures, with cybercrime expected to cost the global economy $10.5 trillion. Source: Music Essentials
4. Safe Ways to Text After Cyber Security Attack Prompts FBI Warning: The FBI has issued a warning about the vulnerability of certain text messages to interception by foreign spies. The warning highlights the importance of understanding safe ways to text. Source: Local3News
5. Samsung, Apple Get Hack Alert from CERT-In: The Indian Computer Emergency Response Team (CERT-In) has issued a warning to Samsung and Apple about multiple vulnerabilities in their products that could potentially be exploited by hackers. Source: MSN

Vulnerabilities & Patches

1. Cisco Software Flaw (CVE-2024-20272): Cisco has urgently called on customers to update their software to protect against a high-risk vulnerability, CVE-2024-20272. Failure to do so could put devices at risk of being compromised. Source: MSN.
2. CyberPanel Flaw: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a flaw in CyberPanel to its Known Exploited Vulnerabilities catalog. This move highlights the importance of addressing this vulnerability promptly. Source: Security Affairs.
3. Atrium Health Data Breach: Atrium Health has reported a data breach affecting 585,000 individuals. The breach is potentially linked to the use of online tracking tools and underlines the importance of robust data security measures. Source: Security Affairs.

Podcasts

1. Cybersecurity Insights with Contrast CISO David Lindner: This podcast features an insightful discussion with Contrast CISO David Lindner, focusing on the latest cybersecurity trends and challenges. Source: Security Boulevard
2. Week in Review: Cloudflare's lost logs, cyber-unsafe employees: This episode provides a weekly roundup of the most pressing cybersecurity issues, including Cloudflare's lost logs and the risks posed by cyber-unsafe employees. Source: CISO Series
3. Overcoming AI Risks, Workforce Challenges in Cybersecurity: This podcast discusses the risks associated with AI and the workforce challenges in the cybersecurity sector. Source: Government Technology
4. The NTLM bug that sees and steals: This episode of the CyberWire Daily Podcast discusses the NTLM bug that has the potential to see and steal sensitive information. Source: CyberWire
5. AI for university assignments, hurting tomorrow's leaders?: This episode of the Cyber Uncut podcast discusses the implications of using AI for university assignments and how it might be negatively impacting future leaders. Source: Cyber Daily

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. We've covered a lot of ground, from the latest Windows warning to the ongoing cyber spying claims against China. We've also touched on the FBI's warnings about new cyber attacks on iPhone and Android users, and the dismantling of servers used by criminal marketplaces. Remember, staying informed is the first step in protecting yourself and your organization from cyber threats. So, don't forget to update your software, patch any vulnerabilities, and always be vigilant about your cybersecurity. If you found this newsletter helpful, please consider sharing it with your friends and colleagues. Let's work together to stay one step ahead of the cybercriminals. Stay safe, stay informed, and see you in the next edition of ONSEC Cyber Daily.