Critical Infrastructure

SecList ICS

• Threat landscape for industrial automation systems. H2 2023
• ICS and OT threat predictions for 2024

Security Magazine

• 66% of IT leaders doubt the government can defend against cyberwarfare
• An ally for organizations navigating the complex cyber terrain
• Critical infrastructure may be the subject of disruptive cyberattacks
• Report provides key insights into the energy and utilities sector
• VEC and BEC attacks rise in the energy and infrastructure industry
• 90% of global energy companies experienced a third-party data breach

• Protecting ships from cyber terrorism
• Biden administration issues executive order to secure U.S. ports
• Cadisha Miceli | Women in Security 2023
• CISA MTS Guide may enhance critical infrastructure resilience
• DNV appoints Anette Roll Richardsen as Director of Cybersecurity
• Fishing vessel cited for electrical hazards and poor sanitation

• Kristine Raad joins General Motors as Chief Security Officer
• A new report discusses emerging global threats
• Ransomware threats increased by twofold in 2023
• 47% of organizations monitored supply chain risks monthly or more
• 3 ways AI can handle third-party vendor and supplier risk challenges
• The 2023 Security Benchmark Leaders — Materion

Case Studies

• The 2 am call: Preparing for a government cyberattack
• Häfele recovers from ransomware attack with new SASE platform
• Ride-hailing company, inDrive, uses new platform to prevent fraud
• The Old Spaghetti Factory restaurant chain ups network & physical security
• K-8 students learn cybersecurity through gamification
• Electric company uses SAP monitoring to bolster cybersecurity

• Virginia public school district deploys AI gun detection platform
• Michigan school district adopts new gun detection technology
• Illinois school employs ZeroEyes AI-based gun detection technology
• Buffalo Public School District improves video surveillance systems
• Fort Lee employs ALPR tech for vehicle-centric investigations
• Utah state legislature adopts gun detection technology statewide

News

• Nation-State Hackers Exploit Cisco Firewall Zero Days To Backdoor Government Networks
• FTC Sending $5.6 Million To Ring Customers Over Security Failures
• Palo Alto Networks Shares Remediation Advice
• Russia, Iran Pose Most Aggressive Threat To 2024 Election
• Google Patches Critical Chrome Vulnerability
• Hackers Are Using Developing Countries For Ransomware Practice
• North Korean Hackers Hijack Antivirus Updates For Malware Delivery
• CISA Warns Of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation
• US Charges Iranians With Cyber Snooping On Government, Companies
• TensorFlow AI Models At Risk Due To Keras API Flaw
• Authorities Investigate LabHost Users After Phishing Service Shutdown
• Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware
• UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America
• Microsoft DRM Hack Could Allow Movie Downloads From Streaming
• Over A Million Neighbourhood Watch Members Exposed
• MITRE Hacked By State Sponsored Group Via Ivanti Zero Days
• Russia's Sandworm APT Linked To Attack On Texas Water Plant
• EU Tells Meta It Can't Paywall Privacy
• Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections
• Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive
• Five Eyes Agencies Release New AI Security Guidance
• Phishing Platform LabHost Shut Down By Law Enforcement
• Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards
• Ivanti Patches 27 Vulns In Avalanche MDM Product
• Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts

Exploits

• PowerVR PMRMMapPMR() Writability Check
• Apache Solr Backup/Restore API Remote Code Execution
• Relate Learning And Teaching System SSTI / Remote Code Execution
• Nginx 1.25.5 Host Header Validation
• FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
• GitLens Git Local Configuration Execution
• Visual Studio Code Execution
• Gambio Online Webshop 4.9.2.0 Remote Code Execution
• Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
• Palo Alto PAN-OS Command Execution / Arbitrary File Creation
• LRMS PHP 1.0 SQL Injection / Shell Upload
• Dreamehome 2.1.5 Broken Authorization
• SofaWiki 3.9.2 Shell Upload
• Laravel Framework 11 Credential Disclosure
• FlatPress 1.3 Shell Upload
• MindManager Local Privilege Escalation
• WordPress Background Image Cropper 1.2 Shell Upload
• Flowise 1.6.5 Authentication Bypass
• Relate Learning And Teaching System SSTI / Remote Code Execution
• Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference
• Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass
• Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference
• Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass
• Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference
• Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass

• [webapps] Flowise 1.6.5 - Authentication Bypass
• [webapps] Laravel Framework 11 - Credential Leakage
• [webapps] SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)
• [webapps] Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution
• [webapps] FlatPress v1.3 - Remote Command Execution
• [remote] Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation
• [webapps] OpenClinic GA 5.247.01 - Path Traversal (Authenticated)
• [webapps] OpenClinic GA 5.247.01 - Information Disclosure
• [webapps] Jenkins 2.441 - Local File Inclusion
• [webapps] djangorestframework-simplejwt 5.3.1 - Information Disclosure
• [webapps] BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE
• [webapps] Stock Management System v1.0 - Unauthenticated SQL Injection
• [webapps] Online Fire Reporting System OFRS - SQL Injection Authentication Bypass
• [webapps] Savsoft Quiz v6.0 Enterprise - Stored XSS
• [webapps] Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)
• [webapps] WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)
• [webapps] WBCE 1.6.0 - Unauthenticated SQL injection
• [webapps] Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter
• [local] PrusaSlicer 2.6.1 - Arbitrary code execution
• [webapps] PopojiCMS Version 2.0.1 - Remote Command Execution
• [webapps] Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)
• [webapps] HTMLy Version v2.9.6 - Stored XSS
• [webapps] Ray OS v2.6.3 - Command Injection RCE(Unauthorized)
• [local] Terratec dmx_6fire USB - Unquoted Service Path
• [remote] MinIO < 2024-01-31T20-20-33Z - Privilege Escalation
• [webapps] GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload
• [webapps] Open Source Medicine Ordering System v1.0 - SQLi
• [webapps] Daily Expense Manager 1.0 - 'term' SQLi
• [webapps] Best Student Result Management System v1.0 - Multiple SQLi
• [webapps] Human Resource Management System v1.0 - Multiple SQLi
• [remote] Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass
• [webapps] Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload
• [local] AnyDesk 7.0.15 - Unquoted Service Path
• [webapps] Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)
• [webapps] Computer Laboratory Management System v1.0 - Multiple-SQLi
• [local] ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path
• [webapps] Axigen < 10.5.7 - Persistent Cross-Site Scripting
• [webapps] Gibbon LMS v26.0.00 - SSTI vulnerability
• [webapps] Casdoor < v1.331.0 - '/api/set-password' CSRF
• [local] Microsoft Windows Defender - Detection Mitigation Bypass TrojanWin32Powessere.G
• [webapps] Wordpress Plugin - Membership For WooCommerce < v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)
• [webapps] Smart School 6.4.1 - SQL Injection
• [webapps] CE Phoenix v1.0.8.20 - Remote Code Execution
• [webapps] Elementor Website Builder < 3.12.2 - Admin+ SQLi
• [webapps] Blood Bank v1.0 - Stored Cross Site Scripting (XSS)
• [webapps] Daily Habit Tracker 1.0 - Broken Access Control

Last 20 Website Defacements - Zone-h

Advisories

• Ubuntu Security Notice USN-6750-1 Thu, 25 Apr 2024 14:28:08 GMT
  Ubuntu Security Notice 6750-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Bartek Nowotarski discovered that Thunderbird did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service.
• Ubuntu Security Notice USN-6743-3 Thu, 25 Apr 2024 14:27:22 GMT
  Ubuntu Security Notice 6743-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
• Ubuntu Security Notice USN-6657-2 Thu, 25 Apr 2024 14:26:11 GMT
  Ubuntu Security Notice 6657-2 - USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP packet size as required by DNS Flag Day 2020. This issue only affected Ubuntu 23.10.
• Ubuntu Security Notice USN-6749-1 Thu, 25 Apr 2024 14:25:55 GMT
  Ubuntu Security Notice 6749-1 - It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.
• Red Hat Security Advisory 2024-2060-03 Thu, 25 Apr 2024 14:19:27 GMT
  Red Hat Security Advisory 2024-2060-03 - Red Hat OpenShift Virtualization release 4.14.5 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2024-2055-03 Thu, 25 Apr 2024 14:19:18 GMT
  Red Hat Security Advisory 2024-2055-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.
• Red Hat Security Advisory 2024-2045-03 Thu, 25 Apr 2024 14:19:09 GMT
  Red Hat Security Advisory 2024-2045-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
• Red Hat Security Advisory 2024-2044-03 Thu, 25 Apr 2024 14:19:01 GMT
  Red Hat Security Advisory 2024-2044-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include an information leakage vulnerability.
• Red Hat Security Advisory 2024-2042-03 Thu, 25 Apr 2024 14:18:50 GMT
  Red Hat Security Advisory 2024-2042-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
• Red Hat Security Advisory 2024-2041-03 Thu, 25 Apr 2024 14:18:37 GMT
  Red Hat Security Advisory 2024-2041-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
• Red Hat Security Advisory 2024-2040-03 Thu, 25 Apr 2024 14:18:29 GMT
  Red Hat Security Advisory 2024-2040-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
• Red Hat Security Advisory 2024-2039-03 Thu, 25 Apr 2024 14:18:20 GMT
  Red Hat Security Advisory 2024-2039-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
• Red Hat Security Advisory 2024-2038-03 Thu, 25 Apr 2024 14:18:10 GMT
  Red Hat Security Advisory 2024-2038-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
• Red Hat Security Advisory 2024-2037-03 Thu, 25 Apr 2024 14:17:59 GMT
  Red Hat Security Advisory 2024-2037-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.
• Red Hat Security Advisory 2024-2036-03 Thu, 25 Apr 2024 14:17:47 GMT
  Red Hat Security Advisory 2024-2036-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
• Ubuntu Security Notice USN-6748-1 Wed, 24 Apr 2024 15:20:38 GMT
  Ubuntu Security Notice 6748-1 - It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting attack. This issue only affected Ubuntu 22.04 LTS. It was discovered that Sanitize incorrectly handled style elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting attack.
• Ubuntu Security Notice USN-6747-1 Wed, 24 Apr 2024 15:20:22 GMT
  Ubuntu Security Notice 6747-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service.
• Ubuntu Security Notice USN-6742-2 Wed, 24 Apr 2024 15:19:30 GMT
  Ubuntu Security Notice 6742-2 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
• Red Hat Security Advisory 2024-2033-03 Wed, 24 Apr 2024 15:03:04 GMT
  Red Hat Security Advisory 2024-2033-03 - An update for libreswan is now available for Red Hat Enterprise Linux 9.
• Red Hat Security Advisory 2024-2011-03 Wed, 24 Apr 2024 15:02:54 GMT
  Red Hat Security Advisory 2024-2011-03 - Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for Red Hat Satellite. Issues addressed include a buffer overflow vulnerability.
• Red Hat Security Advisory 2024-2010-03 Wed, 24 Apr 2024 15:02:40 GMT
  Red Hat Security Advisory 2024-2010-03 - An update is now available for Red Hat Satellite 6.15. The release contains a new version of Satellite and important security fixes for various components. Issues addressed include HTTP request smuggling, crlf injection, denial of service, file disclosure, and traversal vulnerabilities.
• Red Hat Security Advisory 2024-2008-03 Wed, 24 Apr 2024 15:02:30 GMT
  Red Hat Security Advisory 2024-2008-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include null pointer and use-after-free vulnerabilities.
• Red Hat Security Advisory 2024-2007-03 Wed, 24 Apr 2024 15:02:21 GMT
  Red Hat Security Advisory 2024-2007-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2024-2006-03 Wed, 24 Apr 2024 15:02:11 GMT
  Red Hat Security Advisory 2024-2006-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include null pointer and use-after-free vulnerabilities.
• Red Hat Security Advisory 2024-2005-03 Wed, 24 Apr 2024 15:02:03 GMT
  Red Hat Security Advisory 2024-2005-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include an information leakage vulnerability.