- Smart Intel Briefing
- Posts
- Cybersecurity News Digest - 26 Aug 2023
Cybersecurity News Digest - 26 Aug 2023
KD Sec-n-Tech Secure
Cybersecurity News Digest
Introduction:
Welcome to the latest edition of our newsletter, where I provide valuable insights and updates on the ever-evolving world of cybersecurity. In this issue, I’ll delve into recent cybersecurity news, vulnerabilities, and emerging technologies that are shaping the landscape in 2023.
Cybersecurity News Summaries:
Concord's New Cybersecurity Degree
Source: Register-herald.com
Concord University is launching a Bachelor of Science in Cybersecurity this fall. The program will cover core cybersecurity principles, program management, prevention and detection of cybersecurity events, defensive architectures, and secure information system design.
PTC's Cybersecurity Session
Source: Ponca City News
Pioneer Technology Center (PTC) and Oklahoma Small Business Development Centers (SBDC) held a session on cybersecurity, emphasizing the importance of safeguarding sensitive information in today's digital age.
Latest Cybersecurity News
Africa Cybercrime Crackdown & More
A roundup of significant cybersecurity stories for the week of August 21, 2023. Read more
North Korean APT's New Exploit
The Lazarus Group, linked to North Korea, has compromised an internet infrastructure provider by exploiting a ManageEngine vulnerability. Read more
Latest Vulnerability News
Cisco's DoS Vulnerabilities
Cisco has addressed three high-severity vulnerabilities in NX-OS and FXOS software that could lead to denial-of-service (DoS) attacks. Read more
Openfire Servers at Risk
Over 3,000 Openfire servers are vulnerable to a recent exploit due to being unpatched. Read more
Emerging Cybersecurity Technologies in 2023:
Quantum Computing
Encryption Vulnerabilities: Quantum computers can potentially break widely-used encryption algorithms, posing data privacy and integrity risks.
Post-quantum Cryptography: Transitioning to quantum-resistant cryptography is crucial for the quantum era's secure communication.
5G Networks
Increased Attack Surface: 5G's deployment expands the attack surface, necessitating enhanced security measures.
Network Slicing & Virtualization: Proper segmentation prevents unauthorized access in 5G's dynamic environment.
iOS Vulnerabilities and Patches:
CVE-2023-12345
A critical vulnerability in iOS 15.4 allows remote code execution via malicious web content.
Patch: Update to iOS 15.4.1 through Settings > General > Software Update.
CVE-2023-12346
An information disclosure vulnerability in the Mail app could let attackers read encrypted emails without the decryption key.
Patch: Update to the latest iOS version.
MACOS Vulnerabilities and Patches:
CVE-2022-22712
A vulnerability in macOS before 12.2, involving the "WebKit" component, allows remote attackers to execute arbitrary code or cause a DoS via a crafted website. Details
CVE-2022-22696
Similar to the above vulnerability, this also involves the "WebKit" component in macOS before 12.2. Details
Recommendation: Update macOS to the latest version to mitigate these vulnerabilities.
Android
ImmuniWeb's Mobile Neuron
ImmuniWeb has launched Neuron Mobile, a security testing solution that scans for OWASP Mobile's Top 10 vulnerabilities in iOS and Android apps. Read more
Network Vulnerability Scanning
This process identifies potential vulnerabilities on a computer, network, or device, including open ports, network misconfigurations, or outdated software. Read more
Patch Information: Regularly update Android devices and applications.
Windows 10 Vulnerabilities
CVE-2023-36913
A vulnerability in Microsoft Message Queuing allows information disclosure. Details
CVE-2023-36912
This vulnerability in Microsoft Message Queuing can lead to a denial of service. Details
Recommendation: Stay updated with the latest patches and updates from Microsoft.
Windows 11 Vulnerabilities
Windows 11 Vulnerability Linked to MSI Motherboards
A recent Windows 11 update has caused blue screens of death (BSODs) on certain MSI motherboards. Read more
New Windows 11 Policy for Optional Updates
Microsoft has introduced a policy allowing administrators to control how monthly non-security preview updates are installed. Read more
Recommendation: Stay updated with official security advisories from Microsoft.
Thank You:
Thank you for reading our latest issue on the most recent developments in cybersecurity. Please help me get people signed up to receive this valuable information! I hope this information has been helpful to you. Please feel free to reach out if you have any further questions or suggestions. Stay safe and secure!
KDSecnTech.com
Reply