Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Vulnerability within TP-Link routers

Cybersecurity Threat Advisory: Vulnerability within TP-Link routers

A vulnerability that could lead to critical status, tracked as CVE-2023-1389, was identified in TP-Link Archer AX-21 routers. The Ballista botnet is currently exploiting this vulnerability, which can spread automatically across the web. Continue reading this Cybersecurity Threat Advisory to...

/ March 12, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical VMware vulnerabilities exploited

Cybersecurity Threat Advisory: Critical VMware vulnerabilities exploited

Three critical vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) are actively exploited, posing a significant threat to VMware virtualization environments. Review the details in this Cybersecurity Threat Advisory to learn how to mitigate your risks. What is the threat? These vulnerabilities present...

/ March 5, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerability in PostgreSQL

Cybersecurity Threat Advisory: Critical vulnerability in PostgreSQL

Security experts identified a critical PostgreSQL vulnerability, CVE-2025-1094, with a CVSS of 8.1. The vulnerability poses a significant risk to database integrity in enterprise and production environments. Review this Cybersecurity Threat Advisory to learn how to mitigate your risks. What...

/ February 28, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Check Point’s flaw under active exploitation

Cybersecurity Threat Advisory: Check Point’s flaw under active exploitation

A threat cluster dubbed “Green Nailao” is targeting European organizations, particularly in the healthcare sector, using Check Point Network Gateway Security vulnerability, CVE-2024-24919.  Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat?...

/ February 25, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New OpenSHH vulnerabilities

Cybersecurity Threat Advisory: New OpenSHH vulnerabilities

Two OpenSSH vulnerabilities, CVE-2025-26465 and CVE-2025-26466, affect multiple versions of OpenSSH. These vulnerabilities can be exploited for man-in-the-middle (MitM) attacks or cause a denial-of-service (DoS) attack. Review this Cybersecurity Threat Advisory to mitigate your risk. What is the threat? OpenSSH...

/ February 20, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Xerox printer vulnerabilities

Cybersecurity Threat Advisory: Xerox printer vulnerabilities

Two vulnerabilities, CVE-2024-12510 and CVE-2024-12511, have been found in the Xerox VersaLink C7025 Multifunction Printer. Upon successful exploitation, bad actors can capture authentication credentials through pass-back attacks via lightweight directory access protocol (LDAP), server message block (SMB), and file transfer...

/ February 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Juniper vulnerability

Cybersecurity Threat Advisory: Critical Juniper vulnerability

A critical vulnerability, CVE-2025-21589, is found in Juniper Networks’ Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. This flaw enables threat actors to bypass authentication mechanisms and gain administrative control over affected devices. Continue reading this Cybersecurity...

/ February 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Brute force attack targeting edge devices

Cybersecurity Threat Advisory: Brute force attack targeting edge devices

The Shadowserver Foundation uncovered a large brute force attack, with approximately 2.8 million IPs launching attacks on edge devices like firewalls, routers, and VPNs. Continue to read this Cybersecurity Threat Advisory to learn how you can mitigate the risks of...

/ February 18, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: High-severity PAN-OS vulnerability

Cybersecurity Threat Advisory: High-severity PAN-OS vulnerability

A high-severity authentication bypass vulnerability in PAN-OS software, CVE-2025-0108, was disclosed. This flaw allows unauthenticated attackers with network access to bypass authentication and invoke PHP scripts, compromising system integrity and confidentiality. Read this Cybersecurity Threat Advisory to learn how you can...

/ February 17, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apple critical zero-day vulnerability

Cybersecurity Threat Advisory: Apple critical zero-day vulnerability

Apple has issued emergency security updates to address a critical zero-day vulnerability, CVE-2025-24200, which has been exploited in targeted and “extremely sophisticated” attacks. This vulnerability affects iPhone and iPad users, posing significant risks to user security. Review the details of...

/ February 13, 2025