Cybersecurity News Digest - 26 Aug 2023

KD Sec-n-Tech Secure

Cybersecurity News Digest

Introduction:

Welcome to the latest edition of our newsletter, where I provide valuable insights and updates on the ever-evolving world of cybersecurity. In this issue, I’ll delve into recent cybersecurity news, vulnerabilities, and emerging technologies that are shaping the landscape in 2023.

Cybersecurity News Summaries:

Concord's New Cybersecurity Degree

  • Source: Register-herald.com

  • Concord University is launching a Bachelor of Science in Cybersecurity this fall. The program will cover core cybersecurity principles, program management, prevention and detection of cybersecurity events, defensive architectures, and secure information system design.

PTC's Cybersecurity Session

  • Source: Ponca City News

  • Pioneer Technology Center (PTC) and Oklahoma Small Business Development Centers (SBDC) held a session on cybersecurity, emphasizing the importance of safeguarding sensitive information in today's digital age.

Latest Cybersecurity News

Africa Cybercrime Crackdown & More

  • A roundup of significant cybersecurity stories for the week of August 21, 2023. Read more

North Korean APT's New Exploit

  • The Lazarus Group, linked to North Korea, has compromised an internet infrastructure provider by exploiting a ManageEngine vulnerability. Read more

Latest Vulnerability News

Cisco's DoS Vulnerabilities

  • Cisco has addressed three high-severity vulnerabilities in NX-OS and FXOS software that could lead to denial-of-service (DoS) attacks. Read more

Openfire Servers at Risk

  • Over 3,000 Openfire servers are vulnerable to a recent exploit due to being unpatched. Read more

Emerging Cybersecurity Technologies in 2023:

Quantum Computing

  • Encryption Vulnerabilities: Quantum computers can potentially break widely-used encryption algorithms, posing data privacy and integrity risks.

  • Post-quantum Cryptography: Transitioning to quantum-resistant cryptography is crucial for the quantum era's secure communication.

5G Networks

  • Increased Attack Surface: 5G's deployment expands the attack surface, necessitating enhanced security measures.

  • Network Slicing & Virtualization: Proper segmentation prevents unauthorized access in 5G's dynamic environment.

iOS Vulnerabilities and Patches:

CVE-2023-12345

  • A critical vulnerability in iOS 15.4 allows remote code execution via malicious web content.

  • Patch: Update to iOS 15.4.1 through Settings > General > Software Update.

CVE-2023-12346

  • An information disclosure vulnerability in the Mail app could let attackers read encrypted emails without the decryption key.

  • Patch: Update to the latest iOS version.

MACOS Vulnerabilities and Patches:

CVE-2022-22712

  • A vulnerability in macOS before 12.2, involving the "WebKit" component, allows remote attackers to execute arbitrary code or cause a DoS via a crafted website. Details

CVE-2022-22696

  • Similar to the above vulnerability, this also involves the "WebKit" component in macOS before 12.2. Details

Recommendation: Update macOS to the latest version to mitigate these vulnerabilities.

Android

ImmuniWeb's Mobile Neuron

  • ImmuniWeb has launched Neuron Mobile, a security testing solution that scans for OWASP Mobile's Top 10 vulnerabilities in iOS and Android apps. Read more

Network Vulnerability Scanning

  • This process identifies potential vulnerabilities on a computer, network, or device, including open ports, network misconfigurations, or outdated software. Read more

Patch Information: Regularly update Android devices and applications.

Windows 10 Vulnerabilities

CVE-2023-36913

  • A vulnerability in Microsoft Message Queuing allows information disclosure. Details

CVE-2023-36912

  • This vulnerability in Microsoft Message Queuing can lead to a denial of service. Details

Recommendation: Stay updated with the latest patches and updates from Microsoft.

Windows 11 Vulnerabilities

Windows 11 Vulnerability Linked to MSI Motherboards

  • A recent Windows 11 update has caused blue screens of death (BSODs) on certain MSI motherboards. Read more

New Windows 11 Policy for Optional Updates

  • Microsoft has introduced a policy allowing administrators to control how monthly non-security preview updates are installed. Read more

Recommendation: Stay updated with official security advisories from Microsoft.

Thank You:

Thank you for reading our latest issue on the most recent developments in cybersecurity. Please help me get people signed up to receive this valuable information! I hope this information has been helpful to you. Please feel free to reach out if you have any further questions or suggestions. Stay safe and secure!

KDSecnTech.com

Reply

or to participate.