Welcome back to this week's Security Bulletin!
We are going through the last days of the decade, and 2019 has shown how important cybersecurity is! Many organizations were hit by cyber-attacks, and the frequency of these attacks has increased. Let's look at the top cybersecurity trends that dominated this year:
- Phishing attacks delivered by email still dominate the cyber-attack landscape.
- The huge increase in mobile phone usage has turned mobile devices into a major attack surface.
- Ransomware threatened many organizations by encrypting their data.
- The safety of user data on social networks.
Global spending on Cybersecurity solutions such as hardware, software, and services is on the rise. This is expected to increase in the coming years as companies take it more seriously.
A critical vulnerability that lets external attackers access a company's local network has been found in Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway). It has been assigned CVE-2019-19781: Vulnerability in Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP appliance leading to arbitrary code execution.
The vulnerability affects the following supported product versions on all supported platforms:
• Citrix ADC and Citrix Gateway version 13.0 all supported builds.
• NetScaler ADC and NetScaler Gateway version 12.1 all supported builds.
• NetScaler ADC and NetScaler Gateway version 12.0 all supported builds before 22.214.171.124.
• NetScaler ADC and NetScaler Gateway version 11.1 all supported builds before 126.96.36.199.
• NetScaler ADC and NetScaler Gateway version 10.5 all supported builds.
• Citrix SD-WAN WANOP software and appliance models 4000, 4100, 5000, and 5100 all supported builds.
Customers should apply the provided mitigation urgently. The following knowledge base article contains the steps to deploy a responder policy that mitigates the issue until a permanent fix is available: CTX267679 - Mitigation steps for CVE-2019-19781.
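If you run several ADC or Gateway appliances, the first job is working out which ones fall inside the affected list above. The script below is an added example for this bulletin, not Citrix code: it parses dotted build numbers and flags every appliance in a constructed inventory that matches the list. Since the fixed build numbers for the 12.0 and 11.1 branches did not survive on this page, the table leaves them as placeholders (`None`), which the script treats conservatively as "every build affected" until you fill them in from the Citrix advisory; the hostnames and builds in the sample inventory are made up.

```python
import re
from typing import Dict, Optional

# Branches the bulletin lists as affected. None means "every build of this
# branch is affected" (13.0, 12.1, 10.5) or, for 12.0 and 11.1, that the fixed
# build is not yet filled in; either way the branch is treated as fully affected.
AFFECTED_BRANCHES: Dict[str, Optional[str]] = {
    "13.0": None,
    "12.1": None,
    "12.0": None,  # PLACEHOLDER: set to the fixed 12.0 build from the Citrix advisory
    "11.1": None,  # PLACEHOLDER: set to the fixed 11.1 build from the Citrix advisory
    "10.5": None,
}

# SD-WAN WANOP appliance models the bulletin lists as affected in every build.
AFFECTED_WANOP_MODELS = {"4000", "4100", "5000", "5100"}


def parse_build(version: str):
    """'12.0.62.8' -> (12, 0, 62, 8); raises ValueError on malformed input."""
    version = version.strip()
    if not re.fullmatch(r"\d+(\.\d+)+", version):
        raise ValueError(f"not a dotted build number: {version!r}")
    return tuple(int(part) for part in version.split("."))


def branch_of(version: str) -> str:
    """'11.1.60.9' -> '11.1' (major.minor identifies the release branch)."""
    major, minor = parse_build(version)[:2]
    return f"{major}.{minor}"


def is_affected(version: str, fixed_builds: Optional[Dict[str, str]] = None) -> bool:
    """True if an ADC/Gateway build is affected according to the bulletin's list.

    `fixed_builds` overrides AFFECTED_BRANCHES, e.g. {"12.0": "12.0.70.1"} (a
    hypothetical value). Branches not in the table return False; check those by hand.
    """
    table = {**AFFECTED_BRANCHES, **(fixed_builds or {})}
    branch = branch_of(version)
    if branch not in table:
        return False
    fixed = table[branch]
    if fixed is None:
        return True  # whole branch affected, or fixed build not known yet
    # Tuple comparison orders builds numerically field by field.
    return parse_build(version) < parse_build(fixed)


def is_wanop_affected(model: str) -> bool:
    """SD-WAN WANOP models are affected by model number, not by build."""
    return model.strip() in AFFECTED_WANOP_MODELS


def triage(inventory, fixed_builds: Optional[Dict[str, str]] = None):
    """inventory: [(hostname, version), ...] -> hostnames that need the mitigation."""
    return [host for host, version in inventory if is_affected(version, fixed_builds)]


# Constructed sample inventory: hostnames and build numbers are made up.
SAMPLE_INVENTORY = [
    ("adc-dmz-01", "13.0.41.20"),
    ("gw-hq-02", "12.1.54.13"),
    ("adc-lab-03", "12.0.62.8"),
    ("adc-legacy-04", "10.5.69.5"),
    ("adc-old-05", "9.3.0.1"),
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: apply the responder-policy mitigation from CTX267679")
```

Once the advisory gives you a fixed build for a branch, pass it in via `fixed_builds` (or edit the table) and the script stops flagging appliances that are already on or past that build.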
Are you still using '123456' as your password? Then you are at the top of this year's list of worst password users. SplashData has released its annual worst-password list, compiled by evaluating more than five million leaked login details.
In the Internet era, login details are the key to one's personal information, yet people never stop using '123456', 'qwerty' or 'password' to protect their accounts. Such passwords are easy to guess, and by using them you are opening your door to attackers. There are many websites which allow you to generate strong passwords, such as:
If you still prefer simple passwords, then you may enable Multi-Factor Authentication (MFA), which adds an additional layer of security by sending a one-time password (OTP) to your phone or through another method.
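Rather than trusting a random website, you can do both halves of the advice above yourself: generate a password from the operating system's CSPRNG, and reject anything that matches a worst-password list even when it has been dressed up with a trailing number or symbol. The script below is an added example for this bulletin, not SplashData's or any website's code; the denylist is a constructed sample built from the three passwords named above plus a few obvious neighbours, and a real deployment would load a far larger breached-password list.

```python
import math
import re
import secrets
import string

# Constructed denylist: the three examples named above plus obvious neighbours.
WORST_PASSWORDS = {
    "123456", "qwerty", "password",
    "123456789", "12345678", "12345", "111111", "iloveyou", "abc123", "letmein",
}

ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length: int = 16) -> str:
    """Random password drawn from the OS CSPRNG via `secrets` (never `random`)."""
    if length < 12:
        raise ValueError("refusing to generate passwords shorter than 12 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def normalize(password: str) -> str:
    """Lower-case and strip the trailing digits/symbols people bolt onto a word,
    so 'Password123!' is compared against the denylist as 'password'.
    An all-digit password would strip to nothing, so fall back to the lowered form."""
    lowered = password.lower()
    stripped = re.sub(r"[\d" + re.escape(string.punctuation) + r"]+$", "", lowered)
    return stripped or lowered


def estimated_entropy_bits(password: str) -> float:
    """Crude upper bound: length * log2(size of the character classes used)."""
    pool = 0
    if any(c.islower() for c in password):
        pool += 26
    if any(c.isupper() for c in password):
        pool += 26
    if any(c.isdigit() for c in password):
        pool += 10
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)
    return len(password) * math.log2(pool) if pool else 0.0


def assess(password: str, min_len: int = 12, min_bits: float = 60.0):
    """Return (accepted, reasons). A denylist hit is rejected whatever the length."""
    reasons = []
    if {password.lower(), normalize(password)} & WORST_PASSWORDS:
        reasons.append("matches a well-known worst password")
    if len(password) < min_len:
        reasons.append(f"shorter than {min_len} characters")
    if estimated_entropy_bits(password) < min_bits:
        reasons.append(f"estimated strength below {min_bits:.0f} bits")
    return (not reasons, reasons)


if __name__ == "__main__":
    for candidate in ("123456", "Password123!", "correct horse battery staple"):
        print(repr(candidate), assess(candidate))
    fresh = generate_password(20)
    print("generated:", fresh, assess(fresh))
```

The entropy figure is only an upper bound (it assumes every character was chosen uniformly), which is exactly why the denylist check comes first: "Password123!" scores well on character variety yet is still a dictionary word with a suffix.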
Dropbox is a file hosting service that provides cloud storage, file synchronization, personal cloud, and client software. A zero-day vulnerability was discovered in unpatched Dropbox for Windows that allows attackers to escalate from ordinary user privileges to SYSTEM privileges.
The vulnerability is in the DropBoxUpdater service, which is responsible for updating client applications. This updater service has two scheduled tasks that run with SYSTEM permissions and write log files to “c:\ProgramData\Dropbox\Update\Log”. Any user can access this folder and modify its contents.
0Patch published a micropatch that fixes the vulnerability by removing the log-writing code from the Dropbox updater. The micropatch is free for anyone using 0Patch!
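The root condition described above, a directory that SYSTEM-level tasks write into while every local user can modify it, is something you can audit for yourself with `icacls`. The script below is an added example for this bulletin, not 0patch's or Dropbox's code: it parses `icacls` output for the log folder and reports any broad principal (Everyone, BUILTIN\Users, Authenticated Users, INTERACTIVE) that holds a write-capable right. The two ACL listings embedded in it are constructed samples in icacls' output format, one weak and one hardened; `check_live` assumes it is run on a Windows host with `icacls` on the PATH.

```python
import re
import subprocess

# Principals that effectively mean "any local user". Write access for any of
# them on a directory that SYSTEM tasks write to is the condition described above.
BROAD_PRINCIPALS = {
    "everyone",
    "builtin\\users",
    "nt authority\\authenticated users",
    "nt authority\\interactive",
}

# icacls simple rights that include writing, and specific rights that do
# (WDAC/WO let the holder rewrite the ACL or take ownership, which is as bad).
WRITE_SIMPLE = {"F", "M", "W"}
WRITE_SPECIFIC = {"WD", "AD", "WA", "WEA", "DC", "WDAC", "WO"}


def parse_icacls(path: str, output: str):
    """Parse `icacls <path>` text into [(principal, [flag tokens]), ...].

    icacls prints the path once, on the first line, followed by the first ACE;
    later ACEs are indented on their own lines; a summary line ends the output.
    """
    entries = []
    for raw in output.splitlines():
        line = raw.strip()
        if not line or line.startswith("Successfully processed"):
            continue
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()
        principal, sep, rights = line.rpartition(":")
        if not sep:
            continue
        tokens = re.findall(r"\(([^)]*)\)", rights)
        entries.append((principal.strip(), tokens))
    return entries


def grants_write(tokens) -> bool:
    """True if any token (a simple right or a comma-separated specific-rights list) allows writing."""
    for tok in tokens:
        parts = {p.strip() for p in tok.split(",")}
        if parts & WRITE_SIMPLE or parts & WRITE_SPECIFIC:
            return True
    return False


def find_weak_grants(path: str, output: str):
    """Broad principals that can write to `path`, judged from icacls output."""
    return [(principal, tokens) for principal, tokens in parse_icacls(path, output)
            if principal.lower() in BROAD_PRINCIPALS and grants_write(tokens)]


def check_live(path: str):
    """Run icacls on a Windows host and evaluate the real ACL (assumes icacls on PATH)."""
    out = subprocess.run(["icacls", path], capture_output=True, text=True, check=True).stdout
    return find_weak_grants(path, out)


# Constructed sample output in icacls' format; these ACEs are made up for the demo.
SAMPLE_PATH = r"C:\ProgramData\Dropbox\Update\Log"
WEAK_ACL = r"""C:\ProgramData\Dropbox\Update\Log BUILTIN\Users:(OI)(CI)(M)
                                  NT AUTHORITY\SYSTEM:(OI)(CI)(F)
                                  BUILTIN\Administrators:(OI)(CI)(F)
                                  CREATOR OWNER:(OI)(CI)(IO)(F)

Successfully processed 1 files; Failed processing 0 files
"""
# Same folder after the Users entry is reduced to read/execute.
HARDENED_ACL = WEAK_ACL.replace("BUILTIN\\Users:(OI)(CI)(M)", "BUILTIN\\Users:(OI)(CI)(RX)")

if __name__ == "__main__":
    for label, acl in (("weak", WEAK_ACL), ("hardened", HARDENED_ACL)):
        print(label, find_weak_grants(SAMPLE_PATH, acl))
```

The same check is worth running against any folder a SYSTEM scheduled task or service writes to, not just this one; the micropatch removes Dropbox's log writing, but the ACL audit tells you whether other software on the host has the same shape of problem.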