C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F

Infosec bits for 2023 week 44

2023-11-03 09:36 - Heloise Meyer

Cybersecurity News:
- The People Hacker: AI a Game-Changer in Social Engineering Attacks [James Coker, Infosecurity Magazine]
- New CVSS 4.0 vulnerability severity rating standard released [Sergiu Gatlan, Bleeping Computer]
Vulnerabilities & Patches:
- VMware Releases Advisory for VMware Tools Vulnerabilities [CISA, CISA]
- Chrome 119 Patches 15 Vulnerabilities [Ionut Arghire, SecurityWeek]
- Cisco Firepower firewalls patched for critical bug [Richard Chirgwin, IT News]
Exploits:
- Atlassian warns of exploit for Confluence data wiping bug, get patching [Sergiu Gatlan, Bleeping Computer]
- Suspected Exploitation of Apache ActiveMQ CVE-2023-46604 [Rapid7, Rapid7]
- Citrix Bleed: Mass exploitation in progress [Zeljka Zorz, HelpNetSecurity]
Data Breaches:
- Okta hit by third-party data breach exposing employee information [Bill Toulas, Bleeping Computer]
- Boeing confirms cyberattack, global services disrupted [Matt Kapko, Cybersecurity Dive]

Contact Us:	csirt { a } sanren.ac.za

PGP Keys:
CSIRT		0xE2C491CED20D800F
Renier		0x11A7B70A4B81468E
Kgwadi		0x9FF01A35A5726937
Sicelo		0xA6CCD44FD770057B
Heloise		0x96371C4C9FA23CAC
Maajied		0xEE9BE86AD16D89C2