CyberScotland Bulletin

Technical Bulletin November 2022

The CyberScotland Technical Bulletin is designed to provide you with information about updates, exploits and countermeasures.

Please subscribe to our CyberScotland mailing list to be notified by email when a new bulletin is published.

Microsoft Patch Tuesday

On 8 November, Microsoft announced its monthly security updates. This round of updates fixed 6 zero-days and 68 vulnerabilities. 11 of these vulnerabilities are classified as ‘Critical’. This includes CVE-2022-41125, a vulnerability in the Windows CNG Key Isolation Service which allowed attackers to escalate to SYSTEM privileges.

Other fixes included CVE-2022-41082, a remote code execution vulnerability in Microsoft Exchange rated 8.0. This could be exploited by an attacker to take complete control of an Exchange server. No action is required for customers using the Exchange Emergency Mitigation Services (EEMS) relating to this vulnerability; however, Microsoft recommends patching the other vulnerabilities in this release as soon as possible.

Dropbox Data Breach

Dropbox has recently suffered a data breach after an attacker gained access to a developer’s GitHub account. The attacker used a phishing email imitating CircleCI with a fake login page to harvest GitHub credentials, then cloned approximately 130 public and private repositories.

Dropbox confirmed in a statement that no personal data such as passwords or payment information was accessed and that “the risk to customers is minimal” with “no evidence of successful abuse”.

Google Chrome Zero-Day Exploit

On 27 October Google released a patch for a high-severity zero-day exploit in the Chrome browser.

CVE-2022-3723 is a type confusion error in Google Chrome’s V8 JavaScript engine. Attackers typically exploit this type of error to execute malicious code, which could lead to gaining control of an affected system.

Google recommends ensuring Chrome is updated to at least Version 107.0.5304.87 or 107.0.5304.88 for Windows users and 107.0.5304.87 for Mac and Linux users.

CiSP – The Cyber Security Information Sharing Partnership

The Cyber Security Information Sharing Partnership (CiSP) is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment, increasing situational awareness and reducing the impact on UK […]

Scottish Information Sharing Network (SciNET Group)

SciNet is a community for Scottish businesses to engage on CiSP. The Cyber Security Information Sharing Partnership (CiSP) is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and […]

Early Warning Service

The NCSC provides a free service to organisations to inform them of threats against their network. This service will notify you of all cyber attacks detected by the feed suppliers against your organisation and is designed to complement your existing […]

Scottish Business Resilience Centre