Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical update for Juniper Networks routers
A high-severity vulnerability in Juniper Networks, known as CVE-2024-2973, has been exploited. The following flaw affects some of its router products and users need to address it early enough to avoid exploitation. Review this Cybersecurity Threat Advisory in full to...
Cybersecurity Threat Advisory: OpenSSH vulnerability threatens remote code execution
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. Please review the information in this Cybersecurity Threat Advisory to limit your potential...
Cybersecurity Threat Advisory: Critical GitLab vulnerabilities
GitLab has released multiple security updates that address a total of 14 vulnerabilities. Attackers can exploit one of the vulnerabilities to run pipelines as any user. Read this Cybersecurity Threat Advisory in detail to learn more about how you can...
Cybersecurity Threat Advisory: TeamViewer breach
On June 26, RMM software designer TeamViewer announced a recent breach of their network. According to TeamViewer, no customer data has yet been compromised by this breach. Read this Cybersecurity Threat Advisory in detail to secure your network and devices....
Cybersecurity Threat Advisory: MOVEit Transfer vulnerability exploit
Progress Software has released a patch for a high-severity vulnerability in MOVEit Transfer, identified as CVE-2024-5806. This vulnerability is currently under active attack and allows attackers to bypass authentication mechanisms. Organizations using MOVEit Transfer should review this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Five new vulnerabilities found in Zyxel NAS
Zyxel has released a patch for their NAS326 and NAS542 to fix five new vulnerabilities that have been discovered. These vulnerabilities affect devices with versions 5.21 (AAZF16/ABAG13) and earlier. Barracuda MSP recommends customers using these devices to follow the steps...
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities
This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. Barracuda MSP...
Cybersecurity Threat Advisory: VMware privilege escalation vulnerabilities
VMware has released patches to address critical vulnerabilities impacting Cloud Foundation, vCenter Server, and vSphere ESXi, which could be exploited to achieve privilege escalation and remote code execution. The flaws, identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, have high CVSS scores....
Cybersecurity Threat Advisory: Critical ASUS vulnerability
ASUS released a product security advisory urging customers to update their firmware to address a critical authentication bypass vulnerability impacting multiple of its router models. Review this Cybersecurity Threat Advisory to learn which router models are impacted and how to...
Cybersecurity Threat Advisory: Atlassian Confluence RCE vulnerability
A new high-severity remote code execution (RCE) vulnerability known as CVE-2024-21683 has been discovered in Atlassian’s Confluence Data Center and Server. This vulnerability permits an attacker with an account on the service to gain server control. Review this Cybersecurity Threat...
