1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2023 week 47

Sicelo Ncekana | Nov. 25, 2024, 9:44 a.m.

Cybersecurity News:

  • Fintech giant Finastra investigates data breach after SFTP hack [Bill Toulas, Bleeping Computer]
  • US space tech giant Maxar discloses employee data breach [Bill Toulas, Bleeping Computer]
  • Prison layouts reportedly leaked on dark web [Lucy Clarke-Billings, BBC]

    • Vulnerabilities & Patches:

  • Critical 7-Zip Vulnerability Let Attackers Execute Arbitrary Code [Guru Baran, cybersecurity news]
  • Apple warns 2 macOS zero-day vulnerabilities under attack [Arielle Waldman, TechTarget]
  • Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites [Ravie Lakshmanan, The Hacker News]
  • Critical 7-Zip Vulnerability Let Attackers Execute Arbitrary Code [Ravie Lakshmanan, The Hacker News]
  • PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released [Security Team, CYBERSRC]
  • Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root [Bill Toulas, Bleeping Computer]
  • Critical AnyDesk Vulnerability Let Attackers Uncover User IP Address [Tushar Subhra Dutta, ]

    • Malware

  • NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond [SOCRadar, SOCRadar]
  • The official "Bing Wallpaper app" does some nasty, malware-like things to Windows [Alfonso Maruccia, TechSport]
  • New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers [Ravie Lakshmanan, The Hacker News]

    • Contact Us:

    csirt {at} sanren.ac.za

    CSIRT:

    0x898215F56081EBEB

    Heloise:

    0xD367253D12C5BBBC

    Kgwadi:

    0xDD7E5C2E539972EB

    Sicelo:

    0x2346D2ACE7F536B6

    Maajied:

    0xEE9BE86AD16D89C2