Chrome Vulns, Cisco Catastrophes, and Ransomware Revelations: Your Friday Cybersecurity Digest

Cybersecurity Digest for 19 July 2024:

Today we discuss:

• Yet Another Chrome Vulnerability
• Dual Critical Cisco Vulnerabilities; Including A Max Severity Vulnerability
• Life360 Data Breach
• Ivanti EMM Vulnerability
• New Novel Email Vulnerabilites\
• A Report on Fin7
• SOC Radar’s Global Ransomware Report
• CISA Adds 3 new vulns to its KEV
  
  

Articles Referenced in the Show in the order they appear:

Yet Another Chrome Vulnerability
Chrome Releases: Stable Channel Update for Desktop (googleblog.com)

Dual Critical Cisco Vulnerabilities; Including A Max Severity Vulnerability
Cisco Smart Software Manager On-Prem Password Change Vulnerability
Cisco Secure Email Gateway Arbitrary File Write Vulnerability

Life360 Data Breach
Over 400,000 Life360 user phone numbers leaked via unsecured API (bleepingcomputer.com)

Ivanti EMM Vulnerability
Security Advisory Ivanti Endpoint Manager for Mobile (EPMM) July 2024

New Novel Email Vulnerabilites
20 Million Trusted Domains Vulnerable to Email Hosting Exploits (darkreading.com)

A Report on Fin7
FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks - SentinelOne

SOC Radar’s Global Ransomware report
SOCRadar’s Global Ransomware Report 2024: Gain Insights Into Worldwide Ransomware Trends - SOCRadar® Cyber Intelligence Inc.

CISA Adds 3 new vulns to its KEV

NVD - CVE-2024-34102 (nist.gov)
NVD - CVE-2024-28995 (nist.gov)
NVD - CVE-2022-22948 (nist.gov)