Cybersecurity Threat Advisory: Critical vulnerabilities in SonicWall
SonicWall disclosed three critical vulnerabilities affecting the SonicOS firmware. These flaws include an authentication bypass affecting the SSL VPN and SSH management interfaces, which can enable attackers unauthorized access upon successful exploitation. Continue reading this Cybersecurity Threat Advisory for more...
Cybersecurity Threat Advisory: Three critical Sophos firewall vulnerabilities
Sophos has disclosed three critical vulnerabilities in its firewall product that could allow remote unauthenticated attackers to perform structured query language (SQL) injection, execute arbitrary code, and gain privileged secure shell (SSH) access to affected devices. Review the details of...
Cybersecurity Threat Advisory: New social engineering campaign
An active social engineering campaigns uses Microsoft Teams and AnyDesk to deploy DarkGate malware. Attackers are impersonating trusted contacts during Teams calls to deceive victims into installing remote access tools, facilitating unauthorized system access, and deploying the malware. Review the...
Cybersecurity Threat Advisory: Socks5Systemz botnet compromise
The Socks5Systemz botnet has been revealed as the backbone for the illicit proxy service PROXY.AM, compromising over 85,000 devices globally. This botnet enables cybercriminals to conduct anonymous operations, including fraud, data theft, and distributed denial-of-service (DDoS) attacks. Continue to read...
Cybersecurity Threat Advisory: New critical Citrix vulnerabilities
New critical vulnerabilities in Citrix Virtual Apps and Desktops, tracked as CVE-2024-8068 and CVE-2024-8069, as well as new flaws involving MSMQ (Microsoft Message Queuing) misconfiguration, were discovered. These vulnerabilities enable attackers to achieve unauthenticated remote code execution (RCE) on vulnerable...
Cybersecurity Threat Advisory: Critical RCE vulnerability in ZCS
There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra’s SMTP PostJournal service. Review the details...
Cybersecurity Threat Advisory: Another zero-click Windows TCP/IP vulnerability
Another critical zero-click Windows vulnerability, identified as CVE-2024-38063, has been discovered in the Windows TCP/IP stack, affecting all systems with IPv6 enabled. Review this Cybersecurity Threat Advisory now to mitigate potential exploitation and protect your systems. What is the threat?...
Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability
There has been active exploitation of a critical operating system (OS) command injection vulnerability, known as CVE-2017-3506, found in the Oracle WebLogic Server. The impact can be severe, ranging from financial loss to reputational damage. Review this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Critical flaws discovered in Cacti framework
This Cybersecurity Threat Advisory breaks down multiple critical vulnerabilities in the Cacti framework, an open-source network monitoring and fault management tool. Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code and compromise network infrastructure. Continue reading this...
Cybersecurity Threat Advisory: Critical GitLab bug
A critical vulnerability in GitLab, labelled CVE-2023-7028, is under active attack by threat actors to achieve account takeover, as reported by the Cybersecurity and Infrastructure Security Agency (CISA). Barracuda MSP recommends GitLab users review this Cybersecurity Threat Advisory now to...
