Cyber Security Today, Oct. 18, 2023 — Plug this Cisco vulnerability now


Plug this Cisco vulnerability now.

Welcome to Cyber Security Today. It’s Wednesday, October 18th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.


Network administrators with equipment running Cisco Systems’ IOS XE operating system are urged to take mitigation action fast. Since September, attackers have been exploiting a previously unknown critical vulnerability in the web user interface of the software. If devices are exposed to the internet or untrusted networks, an attacker could exploit the hole to take control of the router. Both physical and virtual devices with the software that have the HTTP or HTTPS server feature enabled are affected. The solution for the time being is to disable the HTTP feature on all internet-facing systems.
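To find which devices still need that mitigation, a saved running-config can be checked for the lines that enable the web UI. The following is an added example, not code from the article or from Cisco; the device names and config text are constructed, and it assumes configs have already been exported as plain text.

```python
import re

# An enabled web UI appears in the running-config as one of these exact lines.
# fullmatch() keeps "no ip http server" (already disabled) from matching.
ENABLED = re.compile(r"ip http (server|secure-server)")

# IOS XE global-configuration commands that turn each service off.
REMEDIATION = {"HTTP": "no ip http server", "HTTPS": "no ip http secure-server"}

# Constructed sample configs keyed by hypothetical device name.
SAMPLE_CONFIGS = {
    "edge-rtr-1": "hostname edge-rtr-1\nip http server\nip http secure-server\n!\n",
    "edge-rtr-2": "hostname edge-rtr-2\nno ip http server\nno ip http secure-server\n!\n",
    "lab-rtr-3": "hostname lab-rtr-3\r\nno ip http server\r\n ip http secure-server \r\n!\r\n",
}


def http_services_enabled(config_text):
    """Return the web services ('HTTP', 'HTTPS') enabled in one running-config."""
    found = set()
    for line in config_text.splitlines():
        match = ENABLED.fullmatch(line.strip())
        if match:
            found.add("HTTP" if match.group(1) == "server" else "HTTPS")
    return sorted(found)


def audit(configs):
    """Map each device that still needs mitigation to the commands to apply."""
    report = {}
    for device, text in configs.items():
        services = http_services_enabled(text)
        if services:
            report[device] = [REMEDIATION[s] for s in services]
    return report


if __name__ == "__main__":
    for device, commands in audit(SAMPLE_CONFIGS).items():
        print(f"{device}: apply {', '.join(commands)}")
```
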

Critical infrastructure companies with internet-connected industrial control, SCADA or OT systems now have extra help in identifying cyber threats. The U.S. National Security Agency has created a GitHub repository of signatures and analytics called Elitewolf for those firms. The goal is to help companies implement continuous OT system monitoring. The files provided aren’t necessarily malicious. They require analysis to determine if the activity is bad on a particular system.

Earlier this month listeners were warned to patch Atlassian Confluence servers to close a zero-day vulnerability. Some haven’t got the message because this week American cyber authorities had to issue an advisory repeating the warning. Atlassian has rated this vulnerability as critical. There are interim mitigations, but administrators are strongly advised to upgrade to a fixed version of Confluence or take servers offline to apply updates.

WordPress administrators who allow the use of the Royal Elementor Addons and Templates plugin should update to the latest version as soon as possible. Because of a vulnerability, uploaded files aren’t properly validated. That allows hackers to bypass the check and insert malicious files into the plugin. Version 1.3.79 fixes the issue.

Here’s the latest twist in the Ukraine-Russia cyber war: An advanced threat actor is trying to use the Discord messaging system as a way to infiltrate organizations. Because Discord is a popular communications platform, crooks have been using it for years to plant common information stealers and remote access trojans that they hope victims will download. But researchers at Trellix and Threatray recently found a more cutting-edge threat actor using Discord to compromise the computers of users. This unknown person uploaded a file looking for donations to help Ukrainian soldiers. An employee at a Ukrainian critical infrastructure provider fell for the scam and downloaded a malicious file, which is how the researchers found it. Employees need to be warned of the dangers of downloading anything from Discord with company-owned computers or smartphones, or using a personal device that connects to the organization.

Finally, the Open Compute Project has announced a new program to improve the trustworthiness of devices bought for IT infrastructure. Called the Security Appraisal Framework and Enablement — or S.A.F.E. — it will create a security checklist for hardware and firmware aimed at data centres. Approved auditors will certify products have met the checklist. The goal is to reduce the redundancy of device security audits. Among the participants in the program are CPU manufacturers Intel and AMD.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Oct. 18, 2023 — Plug this Cisco vulnerability now first appeared on IT World Canada.
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
