Tag: critical vulnerability
Cybersecurity Threat Advisory: Critical SonicOS vulnerability
A critical vulnerability has been identified in the SonicWall SonicOS management access. Continue reading this Cybersecurity Threat Advisory to learn about this vulnerability and recommendations to secure your environment. What is the threat? CVE-2024-40766, a critical vulnerability in the management...
Cybersecurity Threat Advisory: Another zero-click Windows TCP/IP vulnerability
Another critical zero-click Windows vulnerability, identified as CVE-2024-38063, has been discovered in the Windows TCP/IP stack, affecting all systems with IPv6 enabled. Review this Cybersecurity Threat Advisory now to mitigate potential exploitation and protect your systems. What is the threat?...
Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook
A critical zero-click remote code execution (RCE) vulnerability, identified as CVE-2024-30103, was recently discovered in Microsoft Outlook. This flaw allows malicious actors to execute arbitrary code on a victim’s system simply by opening a specially crafted email. Review the details...
Cybersecurity Threat Advisory: Critical Cisco vulnerability
Cisco has disclosed a critical vulnerability, CVE-2024-20419, that affects the Smart Software Manager On-Prem (SSM On-Prem). Successful exploitation of this flaw allows unauthenticated remote threat actors to change administrative passwords. Review the details in this Cybersecurity Threat Advisory to mitigate...
Cybersecurity Threat Advisory: Veeam Backup vulnerability exploit
The Veeam Backup & Replication vulnerability, CVE-2023-27532, which was patched in March 2023 is still being exploited. Attackers have managed to exploit unpatched systems to launch ransomware attacks since April 2024. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in...
Cybersecurity Threat Advisory: MOVEit Transfer vulnerability exploit
Progress Software has released a patch for a high-severity vulnerability in MOVEit Transfer, identified as CVE-2024-5806. This vulnerability is currently under active attack and allows attackers to bypass authentication mechanisms. Organizations using MOVEit Transfer should review this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities
This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. Barracuda MSP...
Cybersecurity Threat Advisory: Critical VBEM vulnerability
A Veeam Backup Enterprise Manager (VBEM) security vulnerability, CVE-2024-29849, can pose serious risks for organizations. Users are advised to update their VBEM to the latest version immediately. Read this Cybersecurity Threat Advisory to learn about which actions to take to...
Cybersecurity Threat Advisory: Check Point zero-day vulnerability
Check Point has issued a warning regarding a critical zero-day vulnerability known as CVE-2024-24919. The vulnerability has a CVSS score of 7.5 and is being actively exploited by threat actors in the wild. This can potentially allow attackers to read...
Cybersecurity Threat Advisory: Fluent Bit critical vulnerability
This Cybersecurity Threat Advisory highlights a critical vulnerability discovered within a popular logging and metric solution called Fluent Bit. CVE-2024-4323, a new memory corruption vulnerability, has the potential to cause denial of service (DOS), information leakage, and code execution (RCE)....