eSecurity Planet

SEPTEMBER 5, 2023

Collectively, these episodes highlight the need for comprehensive cybersecurity defenses and timely patch management for risk mitigation. Unpatched devices can give attackers privileged access to networks, particularly those set up as VPN virtual servers, ICA proxies, RDP proxies, or AAA servers. Versions of RocketMQ before 5.1.0

VPN 95

VPN Authentication Ransomware Antivirus 95

eSecurity Planet

NOVEMBER 6, 2023

30, 2023 NGINX Ingress Controller for Kubernetes Flaws Can Lead to Credential Theft Type of Attack: Path sanitization bypass and injection vulnerabilities discovered in the NGINX Ingress controller can allow for credential theft, arbitrary command execution, and critical data access. CVE-2023-5044 (Code Injection): This CVSS score 7.6

Software 89

Software Education Ransomware Firmware 89

eSecurity Planet

SEPTEMBER 13, 2023

Microsoft’s Patch Tuesday for September 2023 includes 59 vulnerabilities, five of them rated critical and two currently being exploited in the wild. The two vulnerabilities currently being exploited are CVE-2023-36761 , an information disclosure flaw in Microsoft Word with a CVSS score of 6.2;

Engineering 103

Engineering Security Defenses Risk Cybersecurity 103

eSecurity Planet

AUGUST 9, 2023

Microsoft’s Patch Tuesday for August 2023 addresses 74 vulnerabilities, six of them critical. The six critical vulnerabilities discussed in the release note are as follows: CVE-2023-29328 and CVE-2023-29330 , a pair of remote code execution flaws in Microsoft Teams with a CVSS score of 8.8 exe and hvciscan_arm64.exe),

VPN 88

VPN Security Defenses Cybersecurity Engineering 88

eSecurity Planet

AUGUST 10, 2023

Read next: Network Protection: How to Secure a Network Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. You can unsubscribe at any time.

Internet 71

Internet Internet Cybersecurity Malware 71

eSecurity Planet

JANUARY 11, 2024

Most Compromises Exploit Unmanaged Devices Microsoft’s fourth annual Digital Defense Report for 2023 reveals that 80% of all ransomware compromises come from unmanaged devices and that 60% of those attacks use remote encryption. Sophos X-Ops illustrates how remote encryption operates beyond security tool detection.

Ransomware 110

Ransomware Encryption IoT VPN 110

eSecurity Planet

AUGUST 12, 2023

Trellix researchers are disclosing a number of critical data center power management platform vulnerabilities at DEFCON 2023 today. effort to secure critical infrastructure. CVE-2023-3265: Improper Neutralization of Escape, Meta, or Control Sequences (Auth Bypass; CVSS 7.2) CVE-2023-3261: Buffer Overflow (DOS; CVSS 7.5)

Authentication 89

Authentication Spyware DDOS Cybersecurity 89