Cybersecurity Threat Advisory: F5 BIG-IP Next Central Manager vulnerabilities
Two high-severity vulnerabilities were discovered in the F5 BIG-IP Next Central Manager API allowing attackers to gain full administrative control and create hidden, persistent backdoors on managed devices. Barracuda MSP recommends reading this Cybersecurity Threat Advisory to learn which steps...
Cybersecurity Threat Advisory: RCE vulnerabilities in HPE Aruba Networking devices
HPE Aruba Networking has disclosed that critical remote code execution (RCE) vulnerabilities are impacting multiple versions of ArubaOS. Out of the ten vulnerabilities found, four pose critical risks of unauthenticated buffer overflows in various services. Read this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Active exploit of Atlassian Confluence
This Cybersecurity Threat Advisory details the exploitation of the critical vulnerability CVE-2023-22518 in the Atlassian Confluence Data Center and Server. Attackers are deploying a Linux variant of Cerber (aka C3RB3R) ransomware. This allows unauthenticated attackers to reset Confluence and create...
Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability
A critical vulnerability (CVE-2024-1403) affecting Progress Software OpenEdge Authentication Gateway and AdminServer impacts versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. The vulnerability allows unauthorized access due to manipulation of username and password combinations during the authentication process. Review...
Cybersecurity Threat Advisory: AnyDesk production system breach
AnyDesk confirmed that a cyberattack on their production systems has taken place. This has caused AnyDesk users to become vulnerable to data breaches, phishing attacks, and malware. Barracuda MSP recommends updating to the latest version of Windows (8.0.8) immediately and...
