Tag: critical vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical SonicOS vulnerability

Cybersecurity Threat Advisory: Critical SonicOS vulnerability

A critical vulnerability has been identified in the SonicWall SonicOS management access. Continue reading this Cybersecurity Threat Advisory to learn about this vulnerability and recommendations to secure your environment. What is the threat? CVE-2024-40766, a critical vulnerability in the management...

/ August 27, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Another zero-click Windows TCP/IP vulnerability

Cybersecurity Threat Advisory: Another zero-click Windows TCP/IP vulnerability

Another critical zero-click Windows vulnerability, identified as CVE-2024-38063, has been discovered in the Windows TCP/IP stack, affecting all systems with IPv6 enabled. Review this Cybersecurity Threat Advisory now to mitigate potential exploitation and protect your systems. What is the threat?...

/ August 16, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook

Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook

A critical zero-click remote code execution (RCE) vulnerability, identified as CVE-2024-30103, was recently discovered in Microsoft Outlook. This flaw allows malicious actors to execute arbitrary code on a victim’s system simply by opening a specially crafted email. Review the details...

/ August 15, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Cisco vulnerability

Cybersecurity Threat Advisory: Critical Cisco vulnerability

Cisco has disclosed a critical vulnerability, CVE-2024-20419, that affects the Smart Software Manager On-Prem (SSM On-Prem). Successful exploitation of this flaw allows unauthenticated remote threat actors to change administrative passwords. Review the details in this Cybersecurity Threat Advisory to mitigate...

/ July 19, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Veeam Backup vulnerability exploit

Cybersecurity Threat Advisory: Veeam Backup vulnerability exploit

The Veeam Backup & Replication vulnerability, CVE-2023-27532, which was patched in March 2023 is still being exploited. Attackers have managed to exploit unpatched systems to launch ransomware attacks since April 2024. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in...

/ July 17, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: MOVEit Transfer vulnerability exploit

Cybersecurity Threat Advisory: MOVEit Transfer vulnerability exploit

Progress Software has released a patch for a high-severity vulnerability in MOVEit Transfer, identified as CVE-2024-5806. This vulnerability is currently under active attack and allows attackers to bypass authentication mechanisms. Organizations using MOVEit Transfer should review this Cybersecurity Threat Advisory...

/ June 28, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities

Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities

This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. Barracuda MSP...

/ June 26, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical VBEM vulnerability

Cybersecurity Threat Advisory: Critical VBEM vulnerability

A Veeam Backup Enterprise Manager (VBEM) security vulnerability, CVE-2024-29849, can pose serious risks for organizations. Users are advised to update their VBEM to the latest version immediately. Read this Cybersecurity Threat Advisory to learn about which actions to take to...

/ June 12, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Check Point zero-day vulnerability

Cybersecurity Threat Advisory: Check Point zero-day vulnerability

Check Point has issued a warning regarding a critical zero-day vulnerability known as CVE-2024-24919. The vulnerability has a CVSS score of 7.5 and is being actively exploited by threat actors in the wild. This can potentially allow attackers to read...

/ June 3, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fluent Bit critical vulnerability

Cybersecurity Threat Advisory: Fluent Bit critical vulnerability

This Cybersecurity Threat Advisory highlights a critical vulnerability discovered within a popular logging and metric solution called Fluent Bit. CVE-2024-4323, a new memory corruption vulnerability, has the potential to cause denial of service (DOS), information leakage, and code execution (RCE)....

/ May 22, 2024