Featured Story
Microsoft Patch Tuesday (September 2023): 61 Vulnerabilities Fixed, Including 2 Zero-Days
Microsoft’s September 2023 Patch Tuesday addressed 61 vulnerabilities, including 5 rated critical, 2 zero-days, and 2 actively exploited in the wild. Affected components include .NET, Visual Studio, Azure services, and Microsoft Office. Among the vulnerabilities, 27 enabled remote code execution (RCE), while 17 allowed privilege escalation.
- Apply patches immediately to all impacted systems.
- Stay alert for signs of compromise related to known exploited CVEs.
- Keep all Microsoft services updated and monitored.
Our SOC is available to assist with patch deployment strategies and threat monitoring.
Other Stories
Azure HDInsight Vulnerabilities Allowed Session Hijacking and Payload Delivery
Orca Security identified eight cross-site scripting (XSS) flaws affecting Azure HDInsight services such as Hadoop, Spark, Kafka, and Oozie. Microsoft addressed them in the August 2023 Patch Tuesday updates.
- Apply Azure patches from August 2023 if not already done.
- Conduct regular code reviews and input validation training.
- Implement continuous monitoring for malicious payload delivery or session theft.
New Kubernetes Vulnerability Allows RCE on Windows Nodes
CVE-2023-3676 allows attackers with ‘apply’ privileges in Kubernetes to execute SYSTEM-level code on Windows nodes. The flaw affects versions prior to 1.28.
- Update Kubernetes clusters to version 1.28+ immediately.
- Restrict ‘apply’ rights using RBAC policies.
- Use tools like Open Policy Agent (OPA) to validate YAML policies.
We offer Kubernetes configuration reviews and hardening assessments.
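One way to act on the RBAC recommendation above, as an added example that is not part of the original newsletter: list every subject bound to a role that grants write access to workload resources. Treating 'apply' as the create, patch and update verbs, the workload resource list, and all role and subject names are assumptions; the sample objects are constructed.

```python
WRITE_VERBS = {"create", "patch", "update", "*"}
# Assumption: resources whose write access gets a pod scheduled on a node.
WORKLOADS = {"pods", "deployments", "daemonsets", "statefulsets",
             "replicasets", "jobs", "cronjobs", "*"}

def rule_allows_apply(rule):
    """True if one RBAC rule grants a write verb on a workload resource."""
    verbs, resources = set(rule.get("verbs", [])), set(rule.get("resources", []))
    return bool(verbs & WRITE_VERBS) and bool(resources & WORKLOADS)

def subjects_with_apply(roles, bindings):
    """Return sorted (subject, role, scope) for every binding to a risky role."""
    risky = {(r["kind"], r["metadata"].get("namespace"), r["metadata"]["name"])
             for r in roles
             if any(rule_allows_apply(x) for x in r.get("rules") or [])}
    findings = []
    for b in bindings:
        ref, ns = b["roleRef"], b["metadata"].get("namespace")
        # A RoleBinding may reference a ClusterRole, which has no namespace.
        role_ns = None if ref["kind"] == "ClusterRole" else ns
        if (ref["kind"], role_ns, ref["name"]) in risky:
            scope = ns if b["kind"] == "RoleBinding" else "cluster-wide"
            findings += [(f'{s["kind"]}:{s["name"]}', ref["name"], scope)
                         for s in b.get("subjects") or []]
    return sorted(findings)

# Constructed sample objects, shaped like the JSON form of RBAC resources.
def _role(kind, name, verbs, resources, ns=None):
    return {"kind": kind, "metadata": {"name": name, "namespace": ns},
            "rules": [{"verbs": verbs, "resources": resources}]}

def _bind(kind, role_kind, role, subj_kind, subj, ns=None):
    return {"kind": kind, "metadata": {"name": f"{subj}-{role}", "namespace": ns},
            "roleRef": {"kind": role_kind, "name": role},
            "subjects": [{"kind": subj_kind, "name": subj}]}

SAMPLE_ROLES = [
    _role("ClusterRole", "ci-admin", ["*"], ["pods"]),
    _role("Role", "deployer", ["create", "patch"], ["deployments"], "win"),
    _role("Role", "viewer", ["get", "list"], ["pods"], "win"),
]
SAMPLE_BINDINGS = [
    _bind("ClusterRoleBinding", "ClusterRole", "ci-admin", "Group", "devs"),
    _bind("RoleBinding", "ClusterRole", "ci-admin", "User", "bob", "win"),
    _bind("RoleBinding", "Role", "deployer", "ServiceAccount", "ci", "win"),
    _bind("RoleBinding", "Role", "viewer", "User", "alice", "win"),
]

if __name__ == "__main__":
    print(*subjects_with_apply(SAMPLE_ROLES, SAMPLE_BINDINGS), sep="\n")
```

The check ignores `apiGroups` and aggregated ClusterRoles, so it can over-report; each finding is a binding to review, not a confirmed exposure.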
Adobe Issues Patches for Acrobat, Reader, Experience Manager
Adobe released critical updates for multiple products including Acrobat, Reader, Connect, and Experience Manager. The vulnerabilities could be exploited to compromise affected systems.
- Apply updates listed in APSB23-33, APSB23-34, and APSB23-43.
- Enable automatic updates across all Adobe deployments.
- Regularly review Adobe’s Security Bulletins and maintain an IR plan.
Expecting a Parcel? Watch Out for Phishing Scams
Safeonweb reports a resurgence of phishing messages pretending to be from parcel services. Victims are asked to click links, download apps, or share banking credentials.
- Do not click on suspicious package delivery links.
- Verify parcel status directly via official websites.
- Report scams to suspicious@safeonweb.be.
- Change passwords and alert your bank if you interacted with the message.
Our SOC supports phishing awareness and simulation campaigns.