Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Significant increase of cyber incidents
This Cybersecurity Threat Advisory sheds light on the recent global events between Israel and Hamas that have caused a surge in cyber incidents from hacker activists, also known as “hacktivists”. These attacks have been experienced on both sides of the...
Cybersecurity Threat Advisory: Atlassian zero-day vulnerability patch
Atlassian has recently announced a patch for a new zero-day vulnerability which allows for privilege escalation on affected versions of Confluence Data Center and Confluence Server. This Cybersecurity Threat Advisory explains the exploitation of this vulnerability, which could allow attackers...
Cybersecurity Threat Advisory: Update on libwebp vulnerability by Google
Google has identified a critical security vulnerability within the libwebp image library, which plays a crucial role in rendering WebP format images. This vulnerability, known as CVE-2023–5129, has been assigned the highest severity rating of 10.0 on the CVSS rating...
Cybersecurity Threat Advisory: Microsoft Sharepoint Server exploit
A proof-of-concept exploit code has surfaced on GitHub for a crucial authentication bypass vulnerability in Microsoft SharePoint Server. The exploit allows attackers to escalate privileges in Microsoft SharePoint Servers. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in detail to...
Cybersecurity Threat Advisory: New Cisco vulnerabilities discovered
Cisco is warning of five new Catalyst SD-WAN Manager product vulnerabilities. The most critical vulnerability allows unauthorized remote access to the server. Multiple vulnerabilities were discovered in SD-WAN Manager that allows an attacker to access the compromised instance or cause...
Cybersecurity Threat Advisory: WS_FTP Server vulnerabilities uncovered
Multiple vulnerabilities have been found in all versions of WS_FTP Server. The critical and high vulnerabilities include a directory traversal flaw (CVE-2023-42657) with a CVSS score of 9.9, a high-severity reflected cross-site scripting (XSS) issue (CVE-2023-40045, CVSS 8.3), a SQL...
Cybersecurity Threat Advisory: New Microsoft Word vulnerability
A new Microsoft Word vulnerability, CVE-2023-36761, was disclosed by Microsoft. This new vulnerability is rated 5.3 by NIST, a medium-level vulnerability but Microsoft has rated this as “Important”. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in detail and follow...
Cybersecurity Threat Advisory: Apple releases patches for zero-day vulnerabilities
Apple has released more security patches after three zero-day vulnerabilities were discovered in iOS, iPadOS, MacOS, WatchOS, and Safari. These vulnerabilities are actively being exploited in the wild against several frameworks and systems of Apple products, making sixteen total zero-days...
Cybersecurity Threat Advisory: Threat actor targets government
This Cybersecurity Threat advisory discusses a Chinese threat actor known as “Earth Lusca” has been observed targeting government entities. They are using a never-before-seen Linux backdoor called SprySOCKS. Earth Lusca was first documented by Trend Micro in January 2022, detailing...
Cybersecurity Threat Advisory: Critical security patches for GitLab
This Cybersecurity Threat Advisory highlights GitLab’s recent critical vulnerability, which security update have been released for. A successful exploitation can allow threat actors to mask themselves as other users during scheduled security scans while they run automated tasks (also known...
