Posts

Cybersecurity Updates For Week 11 of 2022

High-Severity DoS Vulnerability Patched in OpenSSL

OpenSSL updates announced on Tuesday patch a high-severity denial-of-service (DoS) vulnerability related to certificate parsing.

Read more:
https://www.securityweek.com/high-severity-dos-vulnerability-patched-openssl

CISOs face ‘perfect storm’ of ransomware and state-supported cybercrime

With not just ransomware gangs raiding network after network, but nation states consciously turning a blind eye to it, today’s chief information security officers are caught in a “perfect storm.”

Read more:
https://www.theregister.com/2022/03/18/ciso_security_storm/

Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure

The Russian invasion of Ukraine has coincided with the jamming of airplane navigation systems and hacks on the SATCOM networks that empower critical infrastructure.

Read more:
https://threatpost.com/agencies-satellite-hacks-gps-jamming-airplanes-critical-infrastructure/178993/

Other news worth mentioning:

Random number generator enhancements for Linux 5.17 and 5.18
Blockchain blocks identity theft
Leaked Ransomware Docs Show Conti Helping Putin From the Shadows
Meta fined €17 million by Irish regulator for GDPR violations

Microsoft MS15-034 (HTTP.sys DoS, Memory Disclosure and potential Remote Code Execution)

As mentioned in our post for Patch Tuesday April 2015, MS15-034 now has a working exploit that causes a DoS on unpatched Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2, if they’re running a service that uses IIS (or any other service using HTTP.sys) and have kernel caching turned on (which it is by default).

This DoS is extremely simple to cause (just a simple curl/wget), and will crash your server with a BSOD.

Update: It seems that this issue also allows information disclosure à la Heartbleed. With small modifications to yesterday’s published exploit, one can disclose memory regions from a vulnerable server.
There have also been rumours that Exchange servers with autodiscovery turned on are vulnerable to DNS hijacking/corruption.

There are various ways to see if you are vulnerable, but they are not foolproof, so it is strongly advised to just apply the patch.

It is just a matter of time now before a remote code execution exploit is released, which means someone would gain control of your server, so do not wait to patch your systems.

Cisco IOS Multiple DoS Vulnerabilities

Cisco released information yesterday regarding 7 DoS vulnerabilities in Cisco IOS.
All of them concern DoS attacks, so it’s recommended to upgrade as soon as possible.

Cisco IOS Software Internet Key Exchange Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ike

Cisco IOS Software Smart Install Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall

Cisco IOS Software Zone-Based Policy Firewall Session Initiation
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce

Cisco IOS Software Network Address Translation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat

Cisco IOS Software Protocol Translation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt

Cisco IOS Software Resource Reservation Protocol Denial of Service
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp

Cisco IOS Software IP Service Level Agreement Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla