Welcome to TheCyberThrone cybersecurity week in review, covering the important security happenings. This review is for the week ending Saturday, October 29th, 2022.
This week started with coverage of Adobe releasing patches for two critical vulnerabilities that could lead to arbitrary code execution, though the researcher who found them says exploitation is not easy. One Adobe product, Illustrator 2021 and 2022 for Windows and macOS, is affected by improper input validation and out-of-bounds read vulnerabilities that could lead to malicious code execution.
Uptycs announced enhanced Kubernetes and container security capabilities that provide threat detection for container runtime correlated with Kubernetes control plane attacks. Researchers have discovered vulnerabilities in Atlassian Jira Align, a SaaS platform, that could allow users with access to the service to become application administrators and then attack the Atlassian service.
Akamai announced a significant evolution of its DDoS protection platform (Prolexic) with a global rollout of new, fully software-defined scrubbing centers, which will extend its dedicated defense capacity to 20 Tbps and accelerate future product innovations.
Researchers discovered numerous vulnerabilities affecting the Veeam Backup & Replication application, with fully weaponized tools for RCE being advertised to exploit them. Several threat actors were seen advertising the fully weaponized tool for remote code execution to exploit the following vulnerabilities affecting Veeam Backup & Replication: CVE-2022-26500 and CVE-2022-26501, with a CVSS V3 score of 9.8, and CVE-2022-26504, with a CVSS V3 score of 8.8.
VMware has released patches to address a critical vulnerability in VMware Cloud Foundation. The RCE vulnerability, tracked as CVE-2021-39144 with a CVSS of 9.8, resides in the XStream open-source library. Unauthenticated attackers can exploit the vulnerability in low-complexity attacks without user interaction.
The Hive ransomware group has claimed responsibility for the cyber-attack against Tata Power disclosed by the company on October 14 and believed to have occurred on October 3. Fortinet is urging its customers to patch a critical authentication bypass vulnerability that has already been exploited in the wild.
About 34k Michigan Medication customers received notifications that their health information was possibly exposed in a data breach. Thomson Reuters Corp. has been found to have exposed more than 3 terabytes of sensitive customer and corporate data, the latest company to fail in applying basic security to its hosting solutions.
Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details. Threat actors were able to steal payment card data by implanting a software skimmer on its website. Google has released an emergency update for Chrome 107 to address an actively exploited zero-day vulnerability tracked as CVE-2022-3723.
GitLab has announced numerous new security and compliance features and enhancements to its platform that are intended to secure the software supply chain. The new capabilities include security policy management, compliance management, events auditing, and vulnerability management.
Twilio disclosed another security incident in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access to customer information.