In the latest episode of the CyberHub Podcast, the host dives deep into the busy day of Patch Tuesday, focusing on essential updates and vulnerabilities across a range of platforms.
Here's a breakdown of each key topic along with one actionable takeaway.
Microsoft Patch Tuesday (118 Vulnerabilities)
Microsoft addressed 118 flaws, including five publicly disclosed zero-day vulnerabilities, two of which are being actively exploited. Affected systems range from Microsoft Management Console to legacy Internet Explorer components. Notably, the vulnerabilities fall into several categories, with a focus on remote code execution and privilege escalation.
Action Item: Prioritize patching the two zero-day vulnerabilities actively being exploited (CVE-2024-43572, CVE-2024-37543). These should be the focus of immediate action across all affected systems.
Adobe’s Security Patches
Adobe released urgent patches for vulnerabilities across Adobe Commerce, Magento, and Dimension software. Two critical vulnerabilities were found in Commerce with a CVSS score of 9.8, posing remote code execution risks on both Windows and Mac OS.
Action Item: Patch Adobe Commerce and Magento systems immediately, especially if you run a business with an e-commerce component. This helps mitigate potential privilege escalation and code execution attacks.
Industrial Control Systems (ICS) – Siemens and Schneider Updates
Siemens issued advisories addressing critical vulnerabilities in products such as the SYNAC Security Monitor and Centron PAC systems. Schneider Electric also published eight new advisories, including a critical vulnerability in their Harmony IPC systems, which could lead to sensitive information leaks.
Action Item: For those in OT environments, make sure to thoroughly test all patches in a controlled environment before deployment. Focus on vulnerabilities affecting critical infrastructures like Centron PAC systems.
SAP and Qualcomm Patch Updates
SAP addressed vulnerabilities in BusinessObjects BI Suite and enterprise project connection systems, with a critical bug (CVE-2024-41730) in BusinessObjects.
Qualcomm, meanwhile, patched 20 vulnerabilities, including a potential zero-day exploit actively targeted.
Action Item: Apply the necessary SAP updates immediately, focusing on high-impact environments like BusinessObjects. For Android users, track the Qualcomm patches closely, especially around CVE-2024-43047.
Golden Jackal Attacks on Air-Gapped Systems
Golden Jackal, an advanced persistent threat (APT), has successfully breached air-gapped government systems using USB-based malware. These attacks targeted diplomatic entities and government organizations, focusing on espionage.
Action Item: Strengthen physical security and implement stricter control over USB device usage, especially in sensitive environments that utilize air-gapped systems.
Ivanti’s Zero-Day Flaws
Ivanti disclosed three new zero-day vulnerabilities, adding to their string of recurring security issues. These flaws affect CSA cloud services, with active exploitation seen in version 5.0.1 and earlier.
Action Item: Evaluate whether Avanti products are still the best fit for your security environment. If patching isn’t enough, consider exploring alternative solutions to avoid repeat zero-day vulnerabilities.
Golden Jackal APT Breaches Government Systems
Advanced persistent threat group Golden Jackal targeted air-gapped systems with two custom toolsets, stealing sensitive data. Their breaches raise alarms for highly secured environments like embassies and government bodies.
Action Item: Implement stricter control over removable media and enhance the monitoring of critical systems with air-gapped environments to detect anomalies early.
Joe Sullivan’s Legal Battle
Former Uber CISO Joe Sullivan seeks a new trial following his conviction related to the 2016 Uber data breach. His defense argues that the jury was not properly instructed, which may have led to an unjust ruling.
Action Item: Review incident response protocols and legal responsibilities for reporting breaches. Ensure that executives are aware of legal requirements to avoid future liabilities.
Key Takeaway
Action Item Summary:
Patch Microsoft and Adobe vulnerabilities immediately.
Test and apply ICS patches in a controlled environment.
Ensure all Android devices are up to date with Qualcomm's latest fixes.
Consider reviewing Ivanti’s role in your security architecture.
Tighten controls on USB devices in high-security environments.
Stay updated with the latest security news by subscribing to the CyberHub Podcast and James Azar’s Substack. As we approach election season, the podcast will cover how privacy and security concerns factor into the race between Kamala Harris and Donald Trump.
✅ Story Links:
https://www.securityweek.com/adobe-patches-critical-bugs-in-commerce-and-magento-products/
https://www.securityweek.com/sap-patches-critical-vulnerability-in-businessobjects/
https://www.securityweek.com/qualcomm-alerted-to-possible-zero-day-exploited-in-targeted-attacks/
https://www.securityweek.com/creditriskmonitor-data-breach-impacts-employee-information/
🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1
✅ Important Links to Follow:
👉Substack:
👉Listen here: https://linktr.ee/cyberhubpodcast
✅ Stay Connected With Us.
👉Facebook: https://www.facebook.com/CyberHubpodcast/
👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/
👉Twitter (X): https://twitter.com/cyberhubpodcast
👉Instagram: https://www.instagram.com/cyberhubpodcast
✅ For Business Inquiries: info@cyberhubpodcast.com
=============================
✅ About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
Share this post