Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: Apple macOS Critical Privilege Escalation Vulnerability

Cybersecurity Threat Advisory: Apple macOS Critical Privilege Escalation Vulnerability

Apple has released an emergency update for a critical kernel privilege escalation vulnerability in macOS Big Sur 11. This vulnerability allows an attacker to utilize the app to execute arbitrary code with kernel privileges. Barracuda MSP recommends updating to the...

/ May 24, 2022
Cybersecurity Threat Advisory: Zyxel Firewall vulnerability

Cybersecurity Threat Advisory: Zyxel Firewall vulnerability

Zyxel’s ATP, VPN, and USG FLEX series business firewalls are affected by a Remote Code Execution (RCE) vulnerability that allows unauthenticated malicious attackers to execute arbitrary commands on the affected devices. Over 20,800 devices have been affected by this vulnerability,...

/ May 20, 2022
Cybersecurity Threat Advisory: Apache CouchDB critical vulnerability

Cybersecurity Threat Advisory: Apache CouchDB critical vulnerability

Apache has released a patch for a critical remote privilege escalation vulnerability in Apache CouchDB 3.2.1 protocol. This vulnerability, if not patched, can allow threat actors to execute code on a targeted server or client without being authenticated. Barracuda MSP...

/ April 29, 2022
Cybersecurity Threat Advisory: GitLab vulnerability could allow account takeover

Cybersecurity Threat Advisory: GitLab vulnerability could allow account takeover

GitLab released an advisory on Thursday, March 31st regarding a new critical vulnerability found in their product, currently being tracked as CVE-2022-1162. This vulnerability can lead to vulnerable account takeover when exploited. GitLab has released a security patch, and Barracuda...

/ April 8, 2022 / 7 Comments
Cybersecurity Threat Advisory: “TLStorm” vulnerability found in APC Smart-UPS devices

Cybersecurity Threat Advisory: “TLStorm” vulnerability found in APC Smart-UPS devices

The security firm Armis has located three vulnerabilities in Schneider Electric’s APC Smart-UPS devices. These flaws are being tracked under the name “TLStorm.” This vulnerability can enable remote attackers to control the power of millions of enterprise devices to conduct...

/ March 16, 2022
Cybersecurity Threat Advisory: Dirty pipe Linux vulnerability provides privilege escalation

Cybersecurity Threat Advisory: Dirty pipe Linux vulnerability provides privilege escalation

Security researchers have discovered and released information on new vulnerabilities and kernel level exploits to the public. The vulnerabilities: CVE-2022-049 and CVE-2022-0847 are some of the highest severity exploits and affect out-of-date Linux distros. Due to the similarities with the...

/ March 15, 2022