Tag: vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Glibc root access vulnerability

Cybersecurity Threat Advisory: Glibc root access vulnerability

A critical security flaw in the GNU C Library (glibc) has been disclosed, tracked as CVE-2023-6246. It allows malicious attackers to gain full root access on Linux machines. Read this Cybersecurity Threat Advisory to learn how to mitigate the risks...

/ February 1, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability

Cybersecurity Threat Advisory: High-severity WebRTC vulnerability

A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive...

/ January 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware critical code vulnerability

Cybersecurity Threat Advisory: VMware critical code vulnerability

VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware. It...

/ November 1, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered

Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered

In the latest Cybersecurity Threat Advisory, Cisco has addressed three high-severity vulnerabilities within its NX-OS and FXOS software, which have the potential to trigger denial-of-service (DoS) conditions. These vulnerabilities could be exploited by malicious actors to disrupt the normal functioning...

/ August 29, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical MOVEit transfer vulnerability

Cybersecurity Threat Advisory: Critical MOVEit transfer vulnerability

A critical vulnerability has been discovered in MOVEit Transfer, a commonly used managed file transfer (MFT) solution developed by Progress Software. This vulnerability allows remote attackers to execute arbitrary code on affected systems. The vulnerability is actively exploited in the...

/ June 2, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical PaperCut vulnerability actively exploited

Cybersecurity Threat Advisory: Critical PaperCut vulnerability actively exploited

A new vulnerability, CVE-2023-27350, has been discovered which affects PaperCut MF and NG print management software. Successful exploitation of the vulnerability would allow attackers to access sensitive user information (usernames, email addresses, office/department information, and card numbers) without authentication. A...

/ May 8, 2023 / 1 Comment
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Fortinet vulnerability

Cybersecurity Threat Advisory: New Fortinet vulnerability

Fortinet has released information concerning a FortiOS & FortiProxy Heap Buffer administrative interface vulnerability with a CVSS score of 9.3. The vulnerability allows an unauthenticated attacker to execute commands on the device and/or perform a denial-of-service (DoS) attack on the...

/ March 9, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Palo Alto PAN-OS vulnerability

Cybersecurity Threat Advisory: Palo Alto PAN-OS vulnerability

This week, Palo Alto released a patch for PAN-OS’ vulnerability (CVE-2022-0028). This vulnerability is actively being targeted by threat actors. Firewalls running PAN-OS could permit an attacker to perform a Denial-of-Service (DoS) attack. Barracuda MSP recommends updating affected Palo Alto...

/ August 17, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: OpenSSL vulnerability

Cybersecurity Threat Advisory: OpenSSL vulnerability

Two vulnerabilities were discovered in OpenSSL version 3.0.4 that impacts RSA Private Keys and AES OCB Encryption operations. These vulnerabilities cause an incorrect RSA implementation for 2048-bit private keys that can lead to memory corruption while the device is in...

/ July 15, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Microsoft Azure vulnerability

Cybersecurity Threat Advisory: New Microsoft Azure vulnerability

Researchers at Point 42 discovered a flaw in Microsoft Azure’s Fabric, dubbed ‘FabricScape’, propagating the ongoing series of vulnerabilities that the platform has been facing. This vulnerability allows bad actors using Linux to escalate their own privileges to the extent...

/ July 10, 2022