- Google Releases Security Updates for Chrome
- CISA Releases Joint Cybersecurity Advisory on People’s Republic of China State-Sponsored Cyber Actors
Google Releases Security Updates for Chrome
Situation:
Google has released Chrome version 102.0.5005.115 for Windows, Mac, and Linux.
Problem:
Prior versions of Chrome contain vulnerabilities.
Implication:
An attacker could exploit these vulnerabilities to take control of an affected system.
Need:
Users and administrators should review the “Chrome Release Note” and apply the necessary update.
Additional Resources:
CISA Bulletin:
https://www.cisa.gov/uscert/ncas/current-activity/2022/06/10/google-releases-security-updates-chrome
Chrome Release Note:
https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop.html
________________________________
CISA Releases Joint Cybersecurity Advisory on People’s Republic of China State-Sponsored Cyber Actors
Situation:
The CISA, NSA, and FBI have released a joint Cybersecurity Advisory (CSA) to provide information on ways in which People’s Republic of China (PRC) state-sponsored cyber actors exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure across public and private sector organizations.
Problem:
The PRC state-sponsored cyber actors have been readily exploiting publicly identified security vulnerabilities to compromise unpatched network devices, utilizing a series of high-severity vulnerabilities for network devices to gain access to vulnerable infrastructure devices. This technique has allowed the actors to gain access into victim devices using publicly available exploit code against VPNs or public-facing applications, without using their own distinctive or identifying malware.
Top network device CVEs exploited by PRC state-sponsored cyber actors:
Cisco CVE-2018-0171 Remote Code Execution
Cisco CVE-2019-15271 RCE
Cisco CVE-2019-1652 RCE
Citrix CVE-2019-19781 RCE
DrayTek CVE-2020-8515 RCE
D-Link CVE-2019-16920 RCE
Fortinet CVE-2018-13382 Authentication Bypass
MikroTik CVE-2018-14847 Authentication Bypass
Netgear CVE-2017-6862 RCE
Pulse CVE-2021-22893 Authentication Bypass
QNAP CVE-2019-7192 Privilege Escalation
QNAP CVE-2019-7193 Remote Injection
QNAP CVE-2019-7194 XML Routing Detour Attack
QNAP CVE-2019-7195 XML Routing Detour Attack
Zyxel CVE-2020-29583 Authentication Bypass
Failing to put in place the security measures outlined in this advisory could leave an organization vulnerable to a cyber intrusion.
Need:
The CISA, NSA, and FBI encourage organizations to review “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices” to learn about PRC tactics, techniques, and procedures and to apply the recommended mitigations.
Additional Resources:
Joint Cybersecurity Advisory:
https://www.cisa.gov/uscert/ncas/alerts/aa22-158a