Potential intrusions begin with the delivery of a specially crafted session cookie containing a base64-encoded string of null bytes to the '/cgi-bin/sslvpnclient' SSL VPN authentication endpoint, which triggers improper session validation that logs out firewall users and enables attackers to hijack their sessions, according to a report from Bishop Fox.
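For defenders, the request pattern described above can be hunted for in proxy or WAF logs. The following is an added example, not code from Bishop Fox or the vendor; the log layout, the cookie name "sess" and the 16-byte length are assumptions made for illustration.

```python
import base64
import binascii
import re
from urllib.parse import unquote

ENDPOINT = "/cgi-bin/sslvpnclient"  # endpoint named in the report

# Assumed (hypothetical) proxy log layout: src "METHOD path HTTP/x" cookie="k=v; k2=v2"
LINE_RE = re.compile(
    r'^(?P<src>\S+) "[A-Z]+ (?P<path>\S+) [^"]*" cookie="(?P<cookie>[^"]*)"$'
)

def decodes_to_nulls(value):
    """True if value is valid base64 that decodes to one or more 0x00 bytes only."""
    value = unquote(value.strip())            # padding may arrive as %3D
    padded = value + "=" * (-len(value) % 4)  # tolerate stripped padding
    try:
        raw = base64.b64decode(padded, validate=True)
    except (binascii.Error, ValueError):
        return False
    return len(raw) > 0 and raw.count(0) == len(raw)

def suspicious_requests(lines):
    """Return (source, cookie_name) for each null-byte cookie sent to ENDPOINT."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m.group("path").split("?", 1)[0] != ENDPOINT:
            continue
        for pair in m.group("cookie").split(";"):
            name, sep, value = pair.strip().partition("=")
            if sep and decodes_to_nulls(value):
                hits.append((m.group("src"), name))
    return hits

# Constructed sample data: cookie name "sess" and the 16-byte length are made up.
NULLS = base64.b64encode(bytes(16)).decode()
SAMPLE_LOG = [
    f'198.51.100.23 "GET {ENDPOINT} HTTP/1.1" cookie="sess={NULLS}"',
    f'192.0.2.10 "GET {ENDPOINT} HTTP/1.1" cookie="sess=dXNlci1zZXNzaW9uLTAwMQ=="',
    f'198.51.100.23 "GET /index.html HTTP/1.1" cookie="sess={NULLS}"',
    f'203.0.113.5 "GET {ENDPOINT} HTTP/1.1" cookie="lang=en; sess={NULLS.replace("=", "%3D")}"',
]

if __name__ == "__main__":
    for src, name in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {src}: cookie {name!r} decodes to null bytes")
```

The check is deliberately independent of cookie name and null-string length, so it should be tuned against the cookie names a given appliance actually issues.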
Iran accounted for most of the vulnerable KerioControl instances, followed by the U.S., Italy, Germany, and Russia, according to The Shadowserver Foundation.
The vulnerability, which was discovered and reported by The Citizen Lab at the University of Toronto's Munk School of Global Affairs, affects iPhone XS and later, iPad 7th generation and later, iPad mini 5th generation and later, all iPad Pro 11-inch generations, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd gen and later, and iPad Air 3rd generation and later.
The vulnerability, which stems from an out-of-bounds write issue in the USB Video Class driver that could be exploited for privilege escalation, may have been used by forensic data extraction tools, according to the GrapheneOS development team.