Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Google has launched Chrome Enterprise Premium, an upgraded version of its browser for organizations that offers enhanced security features for a monthly fee per user. This new version adds threat and data protection, improved control options, and better reporting capabilities, aimed at strengthening endpoint security at the browser level. With features such as context-based access controls, support for multiple TCP protocols, and AI-powered threat protection, Chrome Enterprise Premium is designed to offer robust security measures for modern enterprises. Some early adopters, including companies like Snap and Roche, have reported significant & immediate benefits from implementing the new browser version.
By bleepingcomputer.com
Fortinet has issued an urgent patch for a critical vulnerability in FortiClientLinux, identified as CVE-2023-45590 with a CVSS score of 9.4. The flaw allows for arbitrary code execution and is caused by improper control of code generation; it is worth noting that exploitation requires the victim to visit a malicious website, making successful social engineering a must.
This vulnerability affects versions 7.0.3 to 7.0.4, and 7.06 to 7.10 of FortiClientLinux versions. Upgrading to version 7.0.11 is advised. Users of FortiClientLinux version 7.2.0 are advised to upgrade to 7.2.1 or above.
There is no evidence of the vulnerabilities being exploited in the wild, but updating is strongly advised to mitigate risks.
By cybernews.com
Microsoft resolved a security issue where internal files and credentials were exposed due to an unprotected Azure cloud storage server. Discovered by SOCRadar researchers, the server contained critical data for Microsoft’s Bing search engine, including passwords and keys, which could potentially lead to more significant data breaches. Microsoft addressed the issue upon notification, but the duration of exposure remains unclear. It is unclear whether Microsoft has reset the involved credentials, and it is unknown whether the exposed data was discovered or accessed by any threat actors. This incident is part of a series of security challenges Microsoft has faced in recent times and serves as a minor setback in the company’s effort to rebuild trust with their customers.
By techcrunch.com
Apple has issued warnings to iPhone users across 92 countries about targeted mercenary spyware attacks aiming to compromise their devices. These highly sophisticated and well-funded attacks, often associated with entities like NSO Group's Pegasus, primarily target individuals due to their significant roles or the sensitive information they possess. All observed attacks so far have been targeted, with journalists, politicians, and diplomats being the most likely victims; if Apple believes you are a potential target of this spyware campaign, you will likely receive an email with the following message:
"Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,"
Apple advises the following actions to protect against such attacks:
- Enabling lockdown mode on the device
- Updating your device to the latest version
- Seek assistance from experts (for example, the Digital Security Helpline)
By bleepingcomputer.com
Bitdefender's research into LG's WebOS TV operating system revealed several vulnerabilities in versions 4 through 7 that allowed root access by bypassing authorization mechanisms. These issues, affecting over 91,000 devices accessible via the Internet, include adding extra users without authorization, executing commands as root, and exploiting vulnerabilities in system services and API endpoints.
The disclosure process for these flaws began in November 2023, with patches released by March 2024. The security of IoT devices is often overlooked; this investigation highlights the importance of securing IoT devices against unauthorized access and control.
For more details, you can read the full report on Bitdefender's website.
By bitdefender.com
Microsoft’s Patch Tuesday instalment for April addresses a total of 150 vulnerabilities, considerably more than last month’s release. Despite being a huge batch of updates, there are only 3 critical vulnerabilities patched this month, as well as 1 publicly disclosed, and 2 actively exploited flaws.
The most notable flaws addressed this month include: Microsoft Defender for IoT Remote Code Execution, Defender SmartScreen Security Feature Bypass, Proxy Driver Spoofing, and more.
Read Ironshare’s Round-Up of Microsoft’s April Patch Tuesday here.
Stay Safe, Secure and Healthy!
Edition #272 – 12th April 2024
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
