Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability
This Cybersecurity Threat Advisory involves a critical vulnerability discovered in F5 BIG-IP products, identified as CVE-2023-46747. The vulnerability allows unauthenticated remote code execution and poses significant security risks. With a CVSS score of 9.8, immediate attention is required to mitigate...
Cybersecurity Threat Advisory: Increased cyberattacks unveiled
This Cybersecurity Threat Advisory looks at a threat actor who is targeting various private sector entities in Israel. Read the recommendations below to implement a layered security approach to protect against these cyberattacks. What is the threat? Microsoft has unveiled...
Cybersecurity Threat Advisory: NetScaler vulnerability exploited
A critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway has been exploited in the wild as a zero-day vulnerability beginning in late August 2023. This vulnerability is identified to be exploited remotely and with no...
Cybersecurity Threat Advisory: HTTP/2 vulnerability
Amazon Web Services (AWS), Cloudflare, and Google announced measures to mitigate unprecedented distributed denial-of-service (DDoS) attacks that utilize an innovative HTTP/2 Rapid Reset technique. In this Cybersecurity Threat Advisory, learn the details of this threat, what the risks are, and...
Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability
This latest Cybersecurity Threat Advisory involves a critical authentication bypass zero-day vulnerability (CVE-2023-20198) discovered in Cisco IOS XE software, allowing unauthenticated attackers to gain full administrator privileges over affected routers and switches. This vulnerability is of utmost concern as it...
Cybersecurity Threat Advisory: Significant increase of cyber incidents
This Cybersecurity Threat Advisory sheds light on the recent global events between Israel and Hamas that have caused a surge in cyber incidents from hacker activists, also known as “hacktivists”. These attacks have been experienced on both sides of the...
Cybersecurity Threat Advisory: Atlassian zero-day vulnerability patch
Atlassian has recently announced a patch for a new zero-day vulnerability which allows for privilege escalation on affected versions of Confluence Data Center and Confluence Server. This Cybersecurity Threat Advisory explains the exploitation of this vulnerability, which could allow attackers...
Cybersecurity Threat Advisory: Update on libwebp vulnerability by Google
Google has identified a critical security vulnerability within the libwebp image library, which plays a crucial role in rendering WebP format images. This vulnerability, known as CVE-2023–5129, has been assigned the highest severity rating of 10.0 on the CVSS rating...
Cybersecurity Threat Advisory: Microsoft Sharepoint Server exploit
A proof-of-concept exploit code has surfaced on GitHub for a crucial authentication bypass vulnerability in Microsoft SharePoint Server. The exploit allows attackers to escalate privileges in Microsoft SharePoint Servers. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in detail to...
Cybersecurity Threat Advisory: New Cisco vulnerabilities discovered
Cisco is warning of five new Catalyst SD-WAN Manager product vulnerabilities. The most critical vulnerability allows unauthorized remote access to the server. Multiple vulnerabilities were discovered in SD-WAN Manager that allows an attacker to access the compromised instance or cause...
