Welcome to your ONSEC Cyber Daily for April 16. Today, we're diving into the potential global cybersecurity crisis as MITRE's CVE oversight ends due to a lapse in the U.S. government contract. This could leave a gap in vulnerability tracking that nation-state actors and cybercriminal groups could exploit. Meanwhile, Morocco is still reeling from its largest data leak, and Indian government is alerting WhatsApp Desktop users about potential risks. In other news, critical flaws have been fixed in the Nagios Log Server, but the cybersecurity world is on edge as the CVE program prepares to go dark. We also have updates on incomplete patches from NVIDIA that could leave AI infrastructure and data at risk, and warnings for Windows 11 users about a mysterious "inetpub" folder. Plus, Samsung Galaxy S24 users need to update due to a vulnerability that allows the creation of arbitrary files on affected installations. Finally, we have a roundup of the latest cybersecurity podcasts, including a new episode of the CISO Perspectives podcast with host Kim Jones and a discussion on the future of AI and cybersecurity on the TechSpective Podcast. Stay tuned for all this and more in today's issue.

Exploits Alert

1. Global Cybersecurity at Risk as MITRE's CVE Oversight Ends with U.S. Government Contract Lapse: The potential lapse of MITRE's CVE program could leave a gap in vulnerability tracking, increasing the risk of exploitation by cybercriminals and nation-state actors. Source: the420.in
2. Funding Expires for Key Cyber Vulnerability Database - Krebs on Security: The funding for the CVE program, a crucial cyber vulnerability database, will expire on April 16, 2025, as warned by MITRE vice president Yosry Barsoum. Source: krebsonsecurity.com
3. CVE Vulnerability Program May Collapse Imminently - The Stack: The potential collapse of the CVE vulnerability program could lead to the loss of a vital public sector warning system, as cyber threats do not respect borders. Source: thestack.technology
4. MITRE Warns of “Break in Service” Due to Possible Funding Issues - Cyber Daily: The MITRE Corporation has warned its CVE board members of a possible break in service due to funding issues, which could impact the tracking of cybersecurity vulnerabilities. Source: cyberdaily.au
5. WhatsApp Desktop Users Alerted by Indian Government: Is Your Version at Risk?: The Indian government's CERT-In has warned WhatsApp desktop users to stay updated and vigilant to prevent falling victim to cyberattacks. Source: munsifdaily.com

Vulnerabilities & Patches

1. Cybersecurity World On Edge As CVE Program Prepares To Go Dark: The DHS funding for MITRE's CVE program is expiring, which may lead to its shutdown. This could pose a significant threat to the cybersecurity world as the program is crucial for vulnerability scanners, patch management systems, and threat detection. Source: Forbes
2. Microsoft Asks Windows 11 Users Not to Delete Mysterious “inetpub” Folder: Microsoft has warned Windows 11 users not to delete the "inetpub" folder. The creation of this directory is directly linked to patching CVE-2025-21204, a significant elevation-of-privileges vulnerability. Source: Cybersecurity News
3. Incomplete NVIDIA Patch Could Leave AI Infrastructure and Data at Risk: Trend Micro Research found that a NVIDIA security update from September 2024 for a critical vulnerability (CVE-2024-0132) was incomplete. This could potentially leave AI infrastructure and data exposed. Source: Security Magazine
4. Hertz Says Personal, Sensitive Data Stolen in Cleo Attacks: Hertz reported that personal and sensitive data were stolen in Cleo attacks. The cybercrime crew Cl0p claimed responsibility for the attacks, exploiting CVE-2024-50623 and then CVE-2024-55956, which bypassed the initial patch. Source: The Register
5. Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations: A vulnerability in Samsung Galaxy S24 allowed the creation of arbitrary files on affected installations. Samsung has acknowledged and patched the vulnerability. Earlier this year, Google patched a similar Quick Share vulnerability. Source: Cybersecurity News

Podcasts

1. View from the Top - Episode #1: Michael Herron, CEO of Atos UK&I: This podcast gives a unique insight into the perspective of Michael Herron, the CEO of Atos UK&I, on various cybersecurity issues. Source: TechMarketView
2. CISO Perspective Podcast: The newly relaunched podcast offers a fresh look at cybersecurity from the perspective of a Chief Information Security Officer (CISO). Source: CyberWire
3. The AI Fix #46: AI can read minds now, and is your co-host a clone?: This episode discusses the latest developments in AI and cybersecurity, including the potential for AI to read minds and the implications of AI clones. Source: Graham Cluley
4. Navigating the Future of AI and Cybersecurity - TechSpective: This episode explores the generational divide in AI adoption and its implications for cybersecurity. Source: TechSpective
5. Episode 450 – Connecting and protecting in the age of AI: This podcast delves into the challenges and opportunities of developing cyber incident response capability in the age of AI. Source: Australian Cyber Security Magazine

Final Words

As we wrap up today's edition of 'ONSEC Cyber Daily', we are reminded of the ever-evolving landscape of cybersecurity. From the potential collapse of MITRE's CVE program to the alarming data leak in Morocco, the need for vigilance and proactive measures in the cyber world has never been more critical. Remember, cybersecurity is not just an IT issue, but a global concern that affects us all. So, let's continue to stay informed, stay updated, and most importantly, stay secure. If you found today's newsletter helpful, please consider sharing it with your friends and colleagues. After all, in the world of cybersecurity, knowledge is our best defense. Stay tuned for more updates tomorrow. Until then, stay safe and secure!

x.com

X (formerly Twitter)

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn