- Ivanti Legacy Cloud appliance has a bad vulnerability (remove/ upgrade ASAP)
- Scammers are posing as Apple care services in github and Google ads (Malware Bytes article)which are fake.
- Some windows systems were left dangerously unpatched for some time (krebsonsecurity article)
Issue1: Unfortunately the obsolete Ivanti appliances must be replaced ASAP – as this is the fate otherwise:
Exploitation of the bug, which the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday as well, gives hackers “access to the device running the CSA.”
The advisory notes that CSA 4.6 is end-of-life and “no longer receives patches for OS or third-party libraries.”
Issue2: MalwareBytes discusses Scammers advertise fake AppleCare+ service via GitHub repos
Above are the ads on Google as photoshopped by Malwarebytes (I tried to reproduce this but could not)
In my Google search the Apple Customer service (800) 275-2273 was the only thing that I found the same as their screenshot from their search.
Nonetheless these fake github listings and also google ads (which may have been pilled by now) it still shows the possible attacks which could come across in the future.
Clicking on an ad that leads to github is not a good thing.
Issue3 about a security vulnerability in Microsoft software
{By far the most curious security weakness Microsoft disclosed today has the snappy name of CVE-2024-43491, which Microsoft says is a vulnerability that led to the rolling back of fixes for some vulnerabilities affecting “optional components” on certain Windows 10 systems produced in 2015. Those include Windows 10 systems that installed the monthly security update for Windows released in March 2024, or other updates released until August 2024.
Satnam Narang, senior staff research engineer at Tenable, said that while the phrase “exploitation detected” in a Microsoft advisory normally implies the flaw is being exploited by cybercriminals, it appears labeled this way with CVE-2024-43491 because the rollback of fixes reintroduced vulnerabilities that were previously know to be exploited.
“To correct this issue, users need to apply both the September 2024 Servicing Stack Update and the September 2024 Windows Security Updates,” Narang said.}
This is the sentence that stated the issue: “The notes from Microsoft say that the ‘build version numbers crossed into a range that triggered a code defect’,” Breen said. “The short version is that some versions of Windows 10 with optional components enabled was left in a vulnerable state.”
It means that some systems were supposed to get an upgrade long ago but did not (and have been vulnerable since then) which is why updating this month’s Microsoft update is very important.
So for issue3 update your systems soon (yesterday) and let’s keep going.
for Issue2 be aware of scams on the Internet even when disguised as ads.
Issue1 is a good example of even appliances will become obsolete eventually and then they have to be replaced.
All systems have an end of life date and we must prepare for this.
Contact for more info