Featured Story
CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalogue based on evidence of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site Owner privileges to execute arbitrary code.
Microsoft previously stated that customers who have enabled automatic updates and selected “Receive updates for other Microsoft products” in their Windows Update settings are already protected.
You can do so by making sure the SharePoint security updates are applied:
– Microsoft SharePoint Server Subscription Edition (KB5002390)
– Microsoft SharePoint Server 2019 (KB5002389)
– Microsoft SharePoint Enterprise Server 2016 (KB5002397)
Our SOC is available to answer any questions you might have around this topic or patch management in general.
Other Stories
Google fixes Chrome zero-days exploited at Pwn2Own 2024
Google addressed seven security vulnerabilities in Chrome, including two zero-days exploited at the Pwn2Own Vancouver 2024 event. CVE-2024-2887 affects WebAssembly and CVE-2024-2886 enables arbitrary memory operations via crafted HTML. Updates are being rolled out to Windows, Mac, and Linux users in version 123.0.6312.86/.87.
Apple Patches Code Execution Vulnerability in iOS, macOS
Apple patched CVE-2024-1580, an integer overflow issue leading to out-of-bounds write in CoreMedia and WebRTC components. The flaw could allow arbitrary code execution during image processing and affects various OS versions, including iOS, macOS, visionOS, and Safari.
Beware of phishing message appearing to come from itsme
Safeonweb received over 1,600 reports of a bilingual phishing message impersonating itsme. The email claims to be a service notification prompting users to click a verification link, which leads to a fake website designed to steal credentials.
– verdacht@safeonweb.be
– suspect@safeonweb.be
– suspicious@safeonweb.be
Our SOC is available to assist with any questions or concerns about suspicious communications.