UCSF IT Technology

Progress released additional information on a Critical actively exploited vulnerability MOVEit Products. A remote attacker could exploit this vulnerability to escalate privileges and gain unauthorized access. 

Cisco has released security updates to address Critical vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). These vulnerabilities could be exploited to allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system.

Mozilla released security updates to address vulnerabilities in multiple Mozilla products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to Mozilla Foundation Security Advisories. IT Security 

Google released Chrome 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows to address Zero-Day Actively-Exploited vulnerabilities in Chrome.

Threat Alert: What to Watch For Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts.  The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button.    Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

Threat Alert: What to Watch For Google has introduced eight new top-level domains (TLDs), the equivalents of “.com”, that websites can use. Among these new TLDs are “.zip” and “.mov”.

Threat Alert: What to Watch For Cybercriminals are increasingly using phishing-as-a-service kits to build and distribute lookalike Microsoft Office 365 landing pages via phishing lures.  The phishing lures can be customized to have a variety of different appearances or themes.

Splunk released a security update to address High vulnerabilities in Splunk Enterprise. A user could exploit these vulnerabilities to escalate their privileges.

NCC Group released a technical advisory on Critical vulnerabilities in Faronics Insight. A remote attacker could exploit these vulnerabilities to perform remote code execution. 

NHS released a Critical vulnerability bulletin for an actively exploited vulnerability in the MOVEit File Transfer (MFT) product. A remote attacker could exploit this vulnerability to escalate privileges and gain unauthorized access.  For a complete description of the vulnerabilities and affected systems go to CVE-2023-34362 Detail. IT Security