At Virtuelle, we monitor cyber security news and present highlights in a monthly security wrap-up. In addition, we’ve gathered some useful resources for staff and IT teams to help your organisation stay secure.
Highlights of vulnerabilities identified in January
CVE-2024-20253 – Cisco Unified Communications Products Remote Code Execution Vulnerability
Severity – Critical
A remote code execution (RCE) vulnerability in multiple Cisco Unified Communications and Contact Centre Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is present in the default configuration of the affected products.
To view a list of affected products and recommended mitigation actions, please visit the advisory page.
CVE-2024-21887 – Critical vulnerabilities in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS)
Severity – Critical
The Australian Cyber Security Centre (ACSC) has issued an alert about critical vulnerabilities in the Ivanti Connect Secure (ICS) VPN and the Ivanti Policy Secure (IPS) network access control solution. The vulnerabilities are tracked as CVE-2023-46805, an authentication-bypass vulnerability, with a CVSS score of 8.2, and CVE-2024-21887, a command injection vulnerability with a score of 9.1.
Suspected state-linked hackers have been exploiting the vulnerabilities since early December, according to research released by Volexity.
The vulnerability remediation advisory can be found here.
CVE-2023-6548 – Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway products
Severity – High
Citrix has issued an alert about two zero-day vulnerabilities in customer-managed NetScaler Application Delivery Controller and NetScaler Gateway devices.
The vulnerabilities are tracked as CVE-2023-6548, which could lead to remote code execution, and CVE-2023-6549, which could lead to a denial-of-service attack. According to Citrix, the vulnerabilities are unrelated to the CitrixBleed vulnerability.
Citrix has released a mitigation advisory here.
CVE-2023-22527 – Remote Code Execution Vulnerability in Confluence Data Centre and Confluence Server
Severity – Critical
A template injection vulnerability, listed as CVE-2023-22527, allows unauthenticated attackers to gain remote code execution on affected systems. Atlassian gave the vulnerability a CVSS score of 10.
According to the ACSC, Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
The vulnerability remediation advisory can be found here.
CVE-2024-0402 – Vulnerabilities in GitLab Products
Severity – Critical
GitLab released a patch for the latest disclosed critical vulnerability: CVE-2024-0402. The vulnerability allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace. This means an attacker could exploit the vulnerability to distribute malware as well as to steal data. GitLab's mitigation advisory can be found here.
Earlier in January, GitLab released a security patch to address another critical vulnerability: CVE-2023-7028. This vulnerability can enable an attacker to take over an account by having password reset emails delivered to an unauthenticated email address. To reduce this risk, we advise enabling MFA and upgrading self-managed instances to the latest version. GitLab's mitigation advisory can be found here.
Resources for proactive security
It’s important to be proactive about security so you can stay ahead of cyber threats. In this issue, we’ve gathered some useful resources to help your organisation stay secure.
Engaging with Artificial Intelligence (AI)
In collaboration with international partners, the Australian Cyber Security Centre (ACSC) has created a guide to help organisations safely use AI systems. The purpose of this publication is to guide engagement with AI while managing the associated risks. The guide summarises some of the significant threats associated with AI systems and prompts organisations to consider steps they can take to use AI securely. It provides measures for organisations that use self-hosted AI systems as well as those that use third-party-hosted AI systems.
You can access the guide on the ACSC website here.
7 Tips for crafting a strong password
Our partners at Hook Security have created resources to increase awareness about password management. Passwords are essential in safeguarding data from unauthorised access, but data breaches frequently occur because of poor password management practices. The following infographic outlines actionable and engaging tips that you can download and share with employees.
How Virtuelle can help
When you engage Virtuelle, our team of cyber security experts will objectively assess your organisation’s systems and activities to identify and remediate vulnerabilities and potential cyber risks.
Contact us today for a FREE 1:1 consultation with Robert Kirtley, our Cyber Security Director, and learn how a Cyber Security Risk Assessment by Virtuelle Security can help protect your organisation.