OpenSSL Vulnerabilities (CVE-2022-3786 and CVE-2022-3602)

______________________________
A. Nature of the Vulnerability

X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602)
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate

Zero-Day Vulnerability in Google Chrome (CVE-2022-3723)

______________________________
A. Nature of the Vulnerability

CVE-2022-3723
A type-confusion flaw in the Chrome V8 JavaScript engine. As of the time of writing, no further information is available regarding this vulnerability.

______________________________
B. Actions to be Taken

CERT-PH encourages all Google Chrome users/administrators to review and apply the updates to mitigate future threats. To manually check

Critical Vulnerability in FortiOS and FortiProxy (CVE-2022-40684)

Fortinet has released a security update to address a critical vulnerability (CVE-2022-40684) in its FortiOS and FortiProxy products. Based on the internal advisory shared on social media, “Fortinet strongly recommends all customers with the vulnerable version to perform an immediate upgrade”.

______________________________
A. Nature of the Vulnerability

CVE-2022-40684
Successful exploitation may allow an authenticated attacker

Microsoft Exchange Server Zero-Day Vulnerability (CVE-2022-41040 and CVE-2022-41082)

______________________________
A. Nature of the Vulnerability

CVE-2022-41040
Successful exploitation could allow an authenticated attacker to trigger CVE-2022-41082 remotely in these attacks.

CVE-2022-41082
Successful exploitation could allow remote code execution (RCE) when PowerShell is accessible to the attacker.

______________________________
B. Affected Version

Microsoft Exchange Server 2013, 2016 and 2019

______________________________
C. Actions to be Taken

CERT-PH

Worok: A New Cyber Espionage Group Targeting Private and Local Government Entities Mostly in Asia

A previously unknown cyber espionage threat group named Worok has been observed using undocumented tools to target private and local government entities mostly in Asia. Based on the report by ESET, the group has been active since at least 2020, with a significant break in operation observed from 2021-05 to 2022-01,