Cybersecurity Threat Advisory: Critical Atlassian Confluence vulnerability
A critical Atlassian Confluence template injection vulnerability has been identified. It affects all outdated versions of Confluence Data Center and Server, allowing unauthenticated attackers to achieve remote code execution (RCE). Read this Cybersecurity Threat Advisory in detail to learn about...
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability
A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive...
Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability
This Cybersecurity Threat Advisory involves a critical vulnerability discovered in F5 BIG-IP products, identified as CVE-2023-46747. The vulnerability allows unauthenticated remote code execution and poses significant security risks. With a CVSS score of 9.8, immediate attention is required to mitigate...
Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability
This latest Cybersecurity Threat Advisory involves a critical authentication bypass zero-day vulnerability (CVE-2023-20198) discovered in Cisco IOS XE software, allowing unauthenticated attackers to gain full administrator privileges over affected routers and switches. This vulnerability is of utmost concern as it...
Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered
In the latest Cybersecurity Threat Advisory, Cisco has addressed three high-severity vulnerabilities within its NX-OS and FXOS software, which have the potential to trigger denial-of-service (DoS) conditions. These vulnerabilities could be exploited by malicious actors to disrupt the normal functioning...
Cybersecurity Threat Advisory: Microsoft zero-day exploit
This Cybersecurity Threat Advisory highlights a high-severity Microsoft Office and Windows HTML remote code execution vulnerability, CVE-2023-36884, with a base CVSS score of 8.3 has been discovered. Through this vulnerability attackers can execute arbitrary code on affected systems, leading to...
Cybersecurity Threat Advisory: New malware campaign targets banking institutions
A sophisticated malware campaign known as “Toitoin” is targeting banking firms in Latin America. The campaign employs evasive techniques, including the use of custom-built modules, encryption methods, and hosting malware on Amazon EC2 instances to evade detection. It is crucial...
Cybersecurity Threat Advisory: Fortinet vulnerability CVE-2022-40684
Fortinet has identified a critical vulnerability tracked as CVE-2022-40684. Upon a successful exploitation, a threat actor can remotely log into devices with FortiGate firewalls or FortiProxy web proxies using an authentication bypass on the administrative interface. Barracuda MSP recommends customers...