In this monthly report, we present a round-up of key cyber security developments, keeping you informed about the latest threats and trends. Additionally, we’ve compiled valuable resources for both staff and IT teams, helping your organisation stay secure.
Highlights of vulnerabilities identified in February
Microsoft Office Outlook Remote Code Execution Vulnerability
Severity – Critical
A critical vulnerability (CVE-2024-21413) has been identified in the Microsoft Outlook Desktop App, allowing attackers to remotely take control of affected systems without user interaction.
This vulnerability, nicknamed #MonikerLink, exploits a flaw in how Outlook handles file previews, bypassing security measures and enabling attackers to execute malicious code even if the user doesn’t open the attached file.
While there are no known active exploits, the ACSC recommends reviewing devices for affected versions and applying the latest security updates.
The vulnerability remediation advisory can be found here.
Critical vulnerability in ConnectWise’s ScreenConnect
Severity – Critical
ConnectWise identified a critical vulnerability (CVE-2024-1709) in their ScreenConnect software. This vulnerability allows unauthenticated attackers to remotely execute malicious code by creating a new account with administrator privileges. ConnectWise confirmed active exploitation of this vulnerability, making immediate patching crucial. All users of ConnectWise ScreenConnect versions prior to 23.9.8 are advised to update to the latest version (23.9.8 or later) as soon as possible.
To view the recommended mitigation actions, please visit ConnectWise’s Security release.
Vulnerability in Progress Kemp products
Severity – Critical
The Australian Cyber Security Centre (ACSC) warned IT teams of a critical vulnerability (CVE-2024-1212) affecting Progress Kemp’s LoadMaster and ECS Connection Manager products. This vulnerability allows remote attackers, without needing any login credentials, to execute malicious commands on affected systems. While there are currently no reported cases of active exploitation, Progress Kemp has rated the vulnerability as critical.
To mitigate the risk, organisations are advised to consult Progress Kemp’s customer advisory.
Vulnerability in FortiOS
Severity – Critical
A critical vulnerability, CVE-2024-21762, has been identified in Fortinet’s FortiOS and FortiProxy software. This vulnerability allows unauthenticated attackers to remotely take control of affected systems via a specially crafted HTTP request. Fortinet has confirmed that this vulnerability is being actively exploited in the wild, making immediate action crucial. Organisations are advised to disable SSL VPN as a temporary workaround until patching is complete.
Fortinet has released a mitigation advisory here.
Flaw in Popular ‘Ultimate Member’ WordPress Plugin
Severity – Critical
A critical vulnerability (CVE-2024-1071) in the popular Ultimate Member WordPress plugin (used by over 200,000 websites) allows attackers to steal sensitive information from the website’s database. While the attack requires a specific configuration setting and is difficult to execute, it’s crucial to update the plugin to the latest version.
Resources for proactive security
This section provides resources to help your organisation stay ahead, including a Gartner report on the impact of Generative AI on Security and an infographic highlighting cyber security best practices.
4 Ways Generative AI Will Impact CISOs and Their Teams
Gartner explores how GenAI will impact CISOs and their teams in four key areas:
- Defence: Utilising GenAI for threat detection, potentially reducing false positives by 30% by 2027
- Attack Landscape: Recognising the potential threats posed by attackers leveraging GenAI for malicious purposes
- Secure Development: Integrating security considerations when building GenAI applications within the organisation
- Responsible Consumption: Establishing guidelines and monitoring how the organisation utilises GenAI technologies
For a deeper dive and actionable recommendations, download the full report by Gartner.
10 Security Awareness Best Practices
This guide from our partners at Hook Security covers crucial topics like crafting strong passwords, identifying phishing scams, and implementing physical security measures. Equipping employees with this knowledge will empower them to navigate the online world with confidence, safeguarding themselves and company data. Consider sharing this guide with your team.
How Virtuelle can help
When you engage Virtuelle, our team of cyber security experts will objectively assess your organisation’s systems and activities to identify and remediate vulnerabilities and potential cyber risks.
Contact us to learn how a Cyber Security Risk Assessment by Virtuelle can help protect your organisation.