Posts

Cybersecurity Updates For Week 13 of 2022

Spring Core on JDK9+ is vulnerable to remote code executio

Spring Core on JDK9+ is vulnerable to remote code execution due to a bypass for CVE-2010-1622. At the time of writing, this vulnerability is unpatched in Spring Framework and there is a public proof-of-concept available. As we have remediation advice for customers (see below), we have elected to share this information publicly.

Read more:
https://www.praetorian.com/blog/spring-core-jdk9-rce/

Microsoft Exchange targeted for IcedID reply-chain hijacking attacks

The distribution of the IcedID malware has seen a spike recently due to a new campaign that hijacks existing email conversation threads and injects malicious payloads that are hard to spot.

Read more:
https://www.bleepingcomputer.com/news/security/microsoft-exchange-targeted-for-icedid-reply-chain-hijacking-attacks/amp/

Critical Sophos Security Bug Allows RCE on Firewalls

Cybersecurity stalwart Sophos has plugged a critical vulnerability in its firewall product, which could allow remote code-execution.

Read More:
https://threatpost.com/critical-sophos-security-bug-rce-firewalls/179127/

Other news worth mentioning:

Apple Issues Patches for 2 Actively Exploited Zero-Days in iPhone, iPad and Mac Devices
Critical hijacking bugs that took months to patch in Microsoft Azure Defender for IoT
Cybercriminals Fighting Over Cloud Workloads for Cryptomining
New Version of PCI DSS Designed to Tackle Emerging Payment Threats