SANS NewsBites

Priority Patch All Apple and Android Devices, and MOVEit Applications; Have Legal Counsel Review EU US Data Privacy Review Court Agreement

July 11, 2023  |  Volume XXV - Issue #54

Top of the News


2023-07-11

UPDATE: Apple Pulls Rapid Security Response Updates for WebKit Vulnerability

On Monday, July 10, Apple released Rapid Security Response updates to address an arbitrary code execution vulnerability in the WebKit browser engine used by iOS, iPadOS, and macOS Ventura. The flaw is being actively exploited. On Tuesday, Apple pulled the update after it became "aware of an issue where this Rapid Security Response might prevent some websites from displaying properly. Rapid Security Response macOS 13.4.1 (b) will be available soon to address this issue."

Editor's Note

Applying these patches should be a no-brainer. They fix currently exploited vulnerabilities, and Apple's "Rapid Security Response Updates" are specifically designed to be easy to apply. Should take less than five minutes per device. It does require a reboot, but the reboot is just a "regular" quick reboot and not the more lengthy reboot used by the larger operating system updates.

Johannes Ullrich

Apple released updates for iOS/iPadOS 16.5.1, macOS 13.4.1 and Safari 16.5.2 to address CVE-2023-37450, which is actively being exploited. Apple will be releasing new versions of the updates to iOS/iPadOS 16.5.1 and macOS Ventura as the update causes some web sites to not display properly. If you're having issues, the rapid update can be removed through the Settings app on macOS/iOS/iPadOS: using the About menu for the OS, remove the update. A restart is required.

Lee Neely

I always recommend people keep automatic updates running, but I also find it inconsistent or delayed sometimes. If you are reading this and are security conscious, force the upgrade as it may not have already occurred.

Moses Frost

Apple introduced Rapid Security Response updates in May of this year to address critical vulnerabilities. This is the second time they’ve used this update process. The updates are compact and quick to install. Given reports that the vulnerability is actively being exploited, download and install today.

Curtis Dukes

“The flaw is being actively exploited” = Patch now !!

Brian Honan

2023-07-10

Google Releases Android Security Bulletin for July

Google’s Android Security Bulletin for July 2023 addresses more than 40 vulnerabilities, several of which are being actively exploited. Those flaws include a privilege elevation vulnerability affecting the Midgard, Bifrost, and Valhall Mali GPU kernel drivers; a memory leak issue in the Arm Mali GPU driver for Bifrost and Avalon apps and Valhall chips; and a critical vulnerability in the Skia open-source 2D graphics library.


2023-07-10

Three More Vulnerabilities in MOVEit

Progress Software has disclosed three additional vulnerabilities affecting its MOVEit file transfer application: a critical SQL injection vulnerability; a high-severity group of SQL injection issues; and a high-severity vulnerability that could be exploited to cause unexpected termination. The flaws are fixed in MOVEit versions 15.0.4, 14.1.8, 14.0.7, 13.1.7, and 13.0.9.


2023-07-10

EU US Data Privacy Agreement

The European Union has formally adopted the EU US Data Privacy Framework. The new data protection agreement requires US companies “to delete personal data when it is no longer necessary for the purpose for which it was collected, and to ensure continuity of protection when personal data is shared with third parties.” An EU court invalidated the previous EU US data privacy agreement, Privacy Shield, in 2020.

The Rest of the Week's News


2023-07-10

HCA Healthcare Discloses Data Breach

HCA Healthcare has disclosed a data security incident that compromised patient information, including names, telephone numbers, birth dates, and appointment data. HCA Healthcare said the incident “appears to be a theft from an external storage location exclusively used to automate the formatting of email messages.” HCA Healthcare is based in Tennessee and operates 180 hospitals and 2,300 ambulatory care sites across 20 US states.

Editor's Note

HCA seems to be doing a solid job of communicating 5 days after discovering the breach, but they didn’t notice it until sensitive data was released in a public forum. No details out, but odds are a cloud storage configuration issue could be the root cause. Good item to use to justify checking/updating all your cloud services configurations to one of many available secure baselines.

John Pescatore

HCA is an exception within the healthcare sector in that they communicated the data breach within five days of becoming aware. While we have scant details on how the theft occurred, ‘dollars to donuts’ the likely culprit will be a cloud misconfiguration. Take the time to revisit each external storage location and configure to a known security standard, such as the CIS foundation benchmarks.

Curtis Dukes

This is about third-party risk. Make sure you're only providing them the data elements needed for their function, have a clear understanding of how that information is handled and protected, then make sure the incident response plan has appropriate contacts. While your contract analyst needs to know about an incident, your incident response team is probably a better first step, and better situated to respond.

Lee Neely

2023-07-07

Grand Jury Indicts Individual for Alleged Cyberattack on California Water Treatment Facility

A US federal grand jury in California has indicted Rambler Gallo for allegedly intentionally causing damage to a protected computer at a water treatment facility. Gallo worked for a contractor hired by the Discovery Bay Water Treatment Facility. While employed by the contractor, Gallo allegedly installed software that allowed him to access the facility’s computer system from his home computer. Following his resignation, Gallo allegedly used the remote access to “transmit… a command to uninstall software that was the main hub of the facility’s computer network and that protected the entire water treatment system, including water pressure, filtration, and chemical levels.”


2023-07-10

New Firefox Feature Blocks Questionable Addons

Mozilla released Firefox 115.0 on July 4, 2023. The latest version of the browser introduces a feature called Quarantined Domains. Mozilla explains that the “feature allows us to prevent attacks by malicious actors targeting specific domains when we have reason to believe there may be malicious add-ons we have not yet discovered.” Firefox 115.0 also includes fixes for 13 security issues.


2023-07-10

Toitoin Banking Trojan Used in Attacks Against LATAM Organizations

A malware campaign targeting organizations in Latin America infects targets with the TOITOIN banking Trojan. The multi-stage attacks start with phishing and use custom modules that are designed for “injecting harmful code into remote processes, circumventing User Account Control via COM Elevation Moniker, and evading detection by Sandboxes through clever techniques like system reboots and parent process checks.”


2023-07-10

Ventia Discloses Cyber Incident

Infrastructure services provider firm Ventia has taken some of its key systems offline to contain a cyber incident. Ventia, which is based in Australia and New Zealand, first disclosed the cyber incident over the weekend.


2023-07-10

Atlantic Council’s Cyber Statecraft Initiative Report: Critical Infrastructure and the Cloud: Policy for Emerging Risk

A report from the Atlantic Council’s Cyber Statecraft Initiative examines cloud adoption in five critical infrastructure sectors: healthcare, transportation and logistics, energy, defense, and financial services. The report focuses on how the cloud operates as a benefit and/or a necessity in each sector with regard to data storage and availability, scale and scalability, and continuous availability requirements. The “report aims to raise awareness of the risks that a potential cloud compromise or outage poses to CI and, in so doing, to make the case that these risks necessitate the maturation of current policy tools, and creation of others, to address these risks.”

Internet Storm Center Tech Corner

Apple Rapid Security Update Patches Three Exploited Vulnerabilities

https://isc.sans.edu/diary/Apple+Rapid+Security+Update+Patches+Three+Exploited+Vulnerabilities/30012

DSSuite Didier Toolbox Docker Image Update

https://isc.sans.edu/diary/DSSuite+Didiers+Toolbox+Docker+Image+Update/30008

Ubiquity EdgeRouter and AirCube miniupnpd Heap Overflow

https://ssd-disclosure.com/ssd-advisory-edgerouters-and-aircube-miniupnpd-heap-overflow/

More MoveIT Flaws and New Service Pack

https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023

Cisco Nexus 9000 Flaw

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX

Mozilla Restricting Extensions on Quarantined Domains

https://support.mozilla.org/en-US/kb/quarantined-domains

https://www.mozilla.org/en-US/firefox/115.0/releasenotes/

https://lapcatsoftware.com/articles/2023/7/1.html