Week in review: Citrix and Fortinet RCEs, Microsoft fixes exploited zero-day

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968)
A high-risk stack overflow vulnerability (CVE-2022-20968) may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the company has confirmed.

Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group.

State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)
An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) deployments, the US National Security Agency has warned.

Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)
It’s December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw (CVE-2022-44698) exploited by attackers to deliver a variety of malware.

OSV-Scanner: A free vulnerability scanner for open-source software
After releasing the Open Source Vulnerabilities database (OSV.dev) in February, Google has launched the OSV-Scanner, a free command line vulnerability scanner that open source developers can use to check for vulnerabilities in their projects’ dependencies.

Preventing a ransomware attack with intelligence: Strategies for CISOs
Ransomware is opportunistic and the barriers to entry for operators are relatively low, as the tools, infrastructure, and access that enable these attacks have proliferated across various online illicit communities through the ransomware-as-a-service (RaaS) model.

24% of technology applications contain high-risk security flaws
With, arguably, a higher proportion of applications to contend with than other industries, tech firms would benefit from implementing improved secure coding training and practices for their development teams.

Security measures to protect Kubernetes workloads
In this Help Net Security video, Deepak Goel, CTO of D2iQ, provides insight into which security measures can help organizations that use Kubernetes better protect their workloads – and the implications of what can happen if they don’t.

Analyzing Australia’s cyberthreat landscape, and what it means for the rest of the world
Australia has been the victim of damaging cyberattacks in the latter half of this year, with high-profile incidents impacting businesses across critical sectors such as telecoms, healthcare, and government.

Most startups have cyber insurance but are uncertain about how much risk is covered
Despite the significant economic headwinds startups currently face – from a challenging fundraising landscape to inflation woes and difficult operational decisions – company founders remain pointedly focused on advancing their cybersecurity protections now and moving forward, according to Embroker.

Cybersecurity predictions for 2023: Diversity is key
In this Help Net Security video, John Xereas, Executive Director, Technology Solutions at Raytheon Intelligence & Space, offers his cybersecurity predictions for 2023.

3 major threat detection methods explained
As attacks continue to evolve in methods and sophistication, security teams need to prioritize threat detection so they can identify suspicious activity before a breach can occur.

Security is no longer an internal affair
67% of respondents to a recent survey indicated their company had lost a business deal due to the customer’s lack of confidence in their security strategy.

How companies can avoid costly data breaches
In this Help Net Security video, Balaji Ganesan, CEO at Privacera, talks about how organizations are moving to a zero-trust framework and beyond, meaning they have security frameworks that span from perimeter apps to their data at a granular level.

Will 2023 be another year of chaos and instability?
A defining characteristic of 2022 has been the way that online campaigns driven by real-world events have amassed unexpected energy, fueling hacktivism and inviting in global chaos.

Nosey Parker: Find sensitive information in textual data and Git history
Praetorian has open-sourced the regular expression-based (RegEx) scanning capabilities of its Nosey Parker secret scanning tool.

5 tips for building a culture of cybersecurity accountability
In this Help Net Security video, Corey Nachreiner, CSO at WatchGuard, talks about how effective cybersecurity often boils down to doing the basics: patching, updating, and following day-to-day best practices for using applications and systems.

Ensuring trust for high-value digital transactions
With the holiday season upon us, auto dealerships are facing an influx of consumers looking to swoop on end-of-year sales and holiday offers.

What CISOs consider when building up security resilience
Cybersecurity resilience is a top priority for companies as they look to defend against a rapidly evolving threat landscape, according to Cisco.

Lack of key domain security measures leaves organizations at risk
In this Help Net Security video, Ihab Shraim, CTO at CSC, talks about how 75% of the Forbes Global 2000 are exposing themselves to significant enterprise risks as third parties maliciously register their brands, and they fail to implement key domain security measures.

Product showcase: The Intruder vulnerability management platform
Vulnerability scanning is a fundamental component of every good cyber security strategy – but it can be challenging to get right.

eBook: 4 ways to secure passwords, avoid corporate account takeover
Enterprising cybercriminals don’t have to work very hard to gain access to your network and all the valuable information stored inside it.

Product showcase: Searchable encryption in Elasticsearch and OpenSearch with IronCore Labs
Cloaked Search by IronCore Labs uses ALE to protect your search data by ensuring that the data it holds is protected from unauthorized access even while the service is running.

New infosec products of the week: December 16, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Box, Ermetic, Keysight Technologies, Searchlight Security, and WatchGuard.
