Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Atlassian Confluence vulnerability
A critical Atlassian Confluence template injection vulnerability has been identified. It affects all outdated versions of Confluence Data Center and Server, allowing unauthenticated attackers to achieve remote code execution (RCE). Read this Cybersecurity Threat Advisory in detail to learn about...
Cybersecurity Threat Advisory: Cisco Unity Connection vulnerability
A new Cisco Unity Connection vulnerability, designated as CVE-2024-20272, has been discovered which poses a significant risk to organizations utilizing Cisco Unity Connection. Read this Cybersecurity Threat Advisory in detail to learn about the vulnerability and how to secure your...
Cybersecurity Threat Advisory: SonicWall vulnerable to DoS attacks
SonicWall firewalls are found to be vulnerable to two Denial of Service (DoS) attacks which can be caused by using the same vulnerable code pattern. Various research indicates SonicWall firewalls with management interfaces exposed online are vulnerable to one or...
Cybersecurity Threat Advisory: Critical RCE vulnerability
A critical pre-authentication remote code execution (RCE) vulnerability, CVE-2024-21591, has been patched in Juniper Networks’ Junos OS on SRX firewalls and EX switches. Exploitable via an out-of-bounds write, the flaw poses risks of denial-of-service (DoS), RCE attacks, or unauthorized root...
Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities
Two vulnerabilities have been identified in Ivanti Connect Secure and Ivanti Policy Secure Gateways, CVE-2023-46805 and CVE-2024-21887 respectively, which when exploited together allow for unauthenticated remote code execution. These CVEs affect all supported versions of the products. Continue reading this...
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability
A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive...
Cybersecurity Threat Advisory: Apache Struts2 RCE vulnerability
A new vulnerability known as CVE-2023-50164 is being used by attackers to exploit the file upload functionality in Apache Struts2, an open-source framework for developing Java web applications. Barracuda MSP advises users to review this Cybersecurity Threat Advisory and upgrade...
Cybersecurity Threat Advisory: Google OAuth MultiLogin exploit
In October of 2023, an exploit was revealed by the threat actor PRISMA. This exploit generated persistent Google cookies through token manipulation. Now, attackers are exploiting a Google OAuth endpoint known as “MultiLogin” to restore expired authentication cookies. This allows...
Cybersecurity Threat Advisory: A look back at 2023
2023 was an eventful year for our Cybersecurity Threat Advisory series. We highlighted several vulnerabilities exploited in the wild, multiple ransomware groups striking against notable establishments (including targeting MSPs), and an increase in cyber hacktivism due to world events. Below...
Cybersecurity Threat Advisory: Google OAuth vulnerability
In this Cybersecurity Threat Advisory, we’re looking at a critical Google OAuth vulnerability that allows ex-employees to maintain access to applications such as Slack and Zoom. After off boarding, attackers can achieve access by creating non-Gmail accounts using corporate email...
