article thumbnail

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

eSecurity Planet

Consider adopting network security measures like intrusion detection and prevention systems (IDPS) to identify and prevent harmful traffic from reaching your RocketMQ server. It is suspected that the Akira ransomware organization used an undisclosed weakness in Cisco VPN software to evade authentication.

VPN 95
article thumbnail

Weekly Vulnerability Recap – December 18, 2023 – JetBrains TeamCity Exploits Continue

eSecurity Planet

The problem: Google’s data processing and analytics engine Dataproc has insufficient security controls on two open firewall ports. If a threat actor has the Dataproc IP address, they can access it without authenticating themselves. Orca Security’s research group released an article covering this vulnerability.

Backups 101
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Vulnerability Recap – October 30, 2023 – Citrix & Cisco Haunted by Vulnerabilities

eSecurity Planet

The problem: Unpatched Citrix NetScaler ADC and Gateway appliances allow attackers to retrieve authentication session cookies and other information stored in buffers. allow for authentication bypass and gain root access to systems. account”) failed to verify secret tokens received for authentication before making API requests.

article thumbnail

16 Remote Access Security Best Practices to Implement

eSecurity Planet

The technologies for secure remote access can range from VPNs and multi-factor authentication to more advanced access and zero trust controls. We’ll cover a range of best practices for remote access security, from the simple and the practical to the more advanced.

article thumbnail

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

You can strengthen your cybersecurity defenses by using reliable antivirus software, firewalls, intrusion detection systems, and virtual private networks (VPNs). Employ robust password management techniques, two-factor authentication (2FA), and regular backups of essential data.

article thumbnail

A Ransomware Group Claims to Have Breached the Foxconn Factory

Hacker Combat

After a severe ransomware assault has hit them, they devote the necessary time and money to strengthening their cyber security defenses. Employees should undergo frequent cyber security awareness programs to keep them up to date on the latest cyber risks and how to recognize an attack in its early stages. Final Remarks.

article thumbnail

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 Collaboration: Cybersecurity groups, organizations, and industry stakeholders must work together to exchange knowledge and best practices in order to develop a collective defense against comparable threats.