Newsletter

Advisories, Vulnerabilities & Alerts

Ethan Grammer
Senior Infrastructure & Cybersecurity Engineer

Guillermo Sanchez
Senior Cybersecurity Engineer

Apple Announces Zero-Day Vulnerabilities for Mac

Description: Apple has announced two zero-day vulnerabilities targeting Intel-based Mac computers. The vulnerabilities allow threat actors to perform remote code execution via web content on Sequoia-based systems.

Apple has confirmed that there have been reports of the vulnerabilities being exploited in the wild and recommends that users upgrade their operating system immediately.

Recommended Actions: 

  • Update macOS machines to Sequoia 15.1.1 immediately.
  • Perform third-party application patching during the OS update process.
  • Inventory macOS devices for vulnerable versions based on Intel vs. Apple Silicon CPU architecture.
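The inventory step above, as an added example that is not part of the newsletter: a POSIX shell check that flags Intel Macs reporting a macOS version earlier than 15.1.1. It assumes `uname -m` reports `x86_64` on Intel and `arm64` on Apple Silicon, takes 15.1.1 as the fixed version from the advisory, and falls back to a constructed sample inventory when run somewhere other than a Mac.

```shell
#!/bin/sh
# Added example, not from the newsletter: flag Intel Macs that have not
# reached macOS Sequoia 15.1.1, the fixed version named in the advisory.

# version_lt A B : exit 0 when dotted version A sorts before version B.
version_lt() {
    a="$1."; b="$2."; i=1
    while :; do
        x=$(printf '%s\n' "$a" | cut -d. -f"$i")
        y=$(printf '%s\n' "$b" | cut -d. -f"$i")
        # both strings exhausted: versions are equal
        [ -z "$x" ] && [ -z "$y" ] && return 1
        x=${x:-0}; y=${y:-0}
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
        i=$((i + 1))
    done
}

# needs_patch VERSION ARCH : exit 0 for the advisory's vulnerable profile,
# an Intel CPU (uname -m reports x86_64) below 15.1.1. Apple Silicon (arm64)
# hosts are never flagged; Intel hosts on pre-Sequoia releases are flagged
# for review, since the advisory does not say they are clear (assumption).
needs_patch() {
    [ "$2" = "x86_64" ] || return 1
    version_lt "$1" "15.1.1"
}

# report reads "host,version,arch" lines on stdin and prints one verdict each.
report() {
    while IFS=, read -r host ver arch; do
        if needs_patch "$ver" "$arch"; then
            printf '%s %s %s: UPDATE REQUIRED\n' "$host" "$arch" "$ver"
        else
            printf '%s %s %s: ok\n' "$host" "$arch" "$ver"
        fi
    done
}

if command -v sw_vers >/dev/null 2>&1; then
    # on a Mac: check this host
    printf '%s,%s,%s\n' "$(hostname)" "$(sw_vers -productVersion)" "$(uname -m)" | report
else
    # elsewhere: constructed sample inventory (host,version,arch)
    report <<'EOF'
mac-intel-01,15.1,x86_64
mac-intel-02,15.1.1,x86_64
mac-m2-03,15.0.1,arm64
EOF
fi
```

Feed it the `host,version,arch` rows exported from an MDM or asset inventory to check a whole fleet instead of the local host.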

External Links:

Bleeping Computer

Chinese Hackers Exploit Fortinet VPN Zero-Day

Description: Chinese threat actors have recently been exploiting a zero-day vulnerability found within the FortiClient Windows VPN client across the globe. The zero-day allows threat actors to dump credentials stored in memory after a user authenticates to the VPN client, giving the threat actors login information in plaintext that can then be used for further exploitation against an individual or organization. As of the time of writing, there is no available patch for the FortiClient vulnerability, and Fortinet has not confirmed the zero-day.

Recommended Actions: 

  • Restrict Fortinet VPN access to only individuals who require immediate access until a patch has been deployed.
  • Monitor VPN authentication attempts and successes for suspicious login attempts.

External Links:

Bleeping Computer

Zero-Day Exploitation Targeting Palo Alto Network Firewall Management Interfaces

Description: Cybersecurity firm Palo Alto Networks (PAN) published a bulletin advising firewall customers to take steps to secure their firewall management interfaces. The vulnerability enables an unauthenticated attacker with network access to the management web interface to gain administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities. 

Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. 

Recommended Actions: 

  • Make sure that only trusted internal IP addresses are allowed to access the management interface. 
  • Update affected devices to the published fixed versions. 
  • Follow the best practice deployment guidelines provided by the vendor. 

External Links:

Rapid7

Microsoft Windows Server 2022 Unexpected Upgrades

Description: Microsoft released an update to Windows Server 2022 versions in early November 2024 that could cause servers to be automatically and inadvertently upgraded to Microsoft Windows Server 2025. Affected users reported that there was no notification or alert of the upgrade, and users could not opt out of the version upgrade once it was initiated.

Microsoft has reported that this issue affected machines that were being managed and updated by third-party tools. The issue was fixed on Microsoft’s end, but users still need to ensure that updates are not being automatically deployed for this patch version of Windows Server 2022. 

Recommended Actions: 

  • Pause automatic updates via patching tools for Windows Server 2022 machines.
  • Confirm that all Windows Server 2022 machines are online and functioning properly as of November 2024.
  • Limit the deployment of automatic updates to critical servers and instead focus on manual patch installation after testing and validation.

External Links:

ITPro

Cisco Event Response: October 2024 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Description: At the end of October 2024, Cisco released the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 35 Cisco Security Advisories describing 51 vulnerabilities in Cisco ASA, FMC, and FTD.

Cisco has released software updates that address these vulnerabilities. 

Recommended Actions: 

  • Review the Security Advisory Table to check if any vulnerability affects your environment and patch accordingly.

External Links:

Cisco

Celito is a team of experienced IT Executives, Industry Professionals, and Business Consultants focused on the life sciences industry.


Copyright 2021 © Celito Technology Inc