Schneier on Security

AUGUST 3, 2021

Forbes has the story : Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said.

Manufacturing 358

Manufacturing Spyware Surveillance Encryption 358

Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet 290

Internet Internet Backups Small Business 290

Security Affairs

APRIL 6, 2024

An unauthenticated, remote attacker can conduct a cross-site scripting (XSS) attack against a user of the interface. “A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.” ” reads the advisory.

Small Business 136

Small Business VPN Wireless Software 136

Security Affairs

JANUARY 25, 2024

Cisco addressed a critical flaw in its Unified Communications and Contact Center Solutions products that could lead to remote code execution. An unauthenticated, remote attacker can exploit the flaw to execute arbitrary code on an affected device. . The Cisco PSIRT is not aware of attacks in the wild exploiting this flaw.

Hacking 123

Hacking Information Security 123

Bleeping Computer

SEPTEMBER 28, 2023

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. [.]

110

110

eSecurity Planet

FEBRUARY 19, 2024

While this week was a little light on vulnerability news, it’s still been significant, with Microsoft’s Patch Tuesday happening as well as updates for major products, like Zoom. Also keep an eye on the last few weeks’ vulnerability recaps, especially because we’ve seen repeat products that continue to be exploited.

VPN 92

VPN DNS Ransomware Software 92

Security Affairs

MARCH 8, 2024

QNAP addressed three vulnerabilities in its NAS products that can be exploited to access devices. QNAP addressed three vulnerabilities in Network Attached Storage (NAS) devices that can be exploited to access the devices. x QTS 5.1.3.2578 build 20231110 and later QTS 4.5.x x QuTScloud c5.1.5.2651 and later myQNAPcloud 1.0.x

Authentication 122

Authentication Hacking Internet Internet 122

Security Affairs

MARCH 8, 2024

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. “A successful exploit could allow the attacker to execute arbitrary script code in the browser or access sensitive, browser-based information, including a valid SAML token.

VPN 99

VPN Authentication Hacking Information Security 99

The Last Watchdog

JULY 1, 2022

The pandemic-driven remote working brought about unforeseen challenges that the pre-pandemic corporate world would have never imagined. Now that the dust seems to have settled on the novelty of remote working, there’s no doubt that remote working- whether organizations like it or not is here to say. Fragmentation dilemma .

Mobile 217

Mobile Education Phishing Technology 217

Heimadal Security

FEBRUARY 7, 2024

AnyDesk confirmed recently that a cyberattack has affected their product systems. The hackers accessed the source code and private code signing keys. Initially, the 170,000 customers remote access software company claimed an unplanned maintenance to explain why client logins failed between January 29th and February 1st.

Software 88

Software Cybersecurity 88

Tech Republic Security

AUGUST 12, 2020

Moving on from passwords to strong authentication and adaptive access policies is key to improving security without hurting productivity, especially given the increase in remote working.

Authentication 218

Authentication Passwords 218

Security Affairs

MARCH 12, 2024

Microsoft Patch Tuesday security updates for March 2024 addressed 59 security vulnerabilities in its products, including RCE flaws. Microsoft released Patch Tuesday security updates for March 2023 that address 59 security vulnerabilities in its products. ” reads the advisory.

Internet 120

Internet Internet Authentication Hacking 120

Krebs on Security

DECEMBER 1, 2022

ConnectWise , which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link.

Phishing 228

Phishing Architecture Passwords Accountability 228

Security Affairs

APRIL 11, 2024

The company fixed the following DoS vulnerabilities: CVE-2024-3385 – The company reported that a packet processing mechanism in Palo Alto Networks PAN-OS software allows a remote attacker to reboot hardware-based firewalls. This was encountered by two customers in normal production usage.” ” reads the advisory.

Firewall 124

Firewall Software Engineering Authentication 124

Schneier on Security

NOVEMBER 30, 2021

Tech makers constantly improve their products to take advantage of speed and power increases, but customers don’t always upgrade at the same pace. This creates a long tail of old products that remain in widespread use, vulnerable to attacks. It is then assembled by a technician and accessible through cloud services.

Technology 270

Technology Engineering Software Cybersecurity 270

Security Affairs

FEBRUARY 12, 2024

Justice Department (DoJ) seized the infrastructure that was used to sell the remote access trojan (RAT) Warzone RAT. The Justice Department announced the seizure of internet domains used to sell the remote access Trojan Warzone RAT (www.warzone[.]ws). “Federal authorities in Boston seized www.warzone.ws

Malware 106

Malware Hacking Cybercrime Advertising 106

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing 253

Manufacturing Spyware Surveillance Marketing 253

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk 202

Risk VPN Internet Internet 202

Security Affairs

SEPTEMBER 8, 2023

Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) is actively exploited by ransomware groups to gain initial access to corporate networks. The group now is targeting Cisco VPN products to gain initial access to corporate networks. or earlier).

Ransomware 138

Ransomware VPN Authentication Hacking 138

Security Affairs

AUGUST 2, 2022

VMware patched a critical authentication bypass security flaw, tracked as CVE-2022-31656, impacting local domain users in multiple products. VMware has addressed a critical authentication bypass security flaw, tracked as CVE-2022-31656, impacting local domain users in multiple products. ” reads a post published by the company.

Authentication 112

Authentication Hacking Information Security 112

eSecurity Planet

APRIL 15, 2024

Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security. The problem: Bitdefender researchers discovered four vulnerabilities in LG WebOS smart TVs that allowed unauthorized access and control. Consider exploring virtual desktop infrastructure.

Firewall 93

Firewall VPN Software Risk 93

Security Affairs

SEPTEMBER 8, 2023

The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup. The issue also impacts products that had the feature enabled in the past. This vulnerability allows for remote code execution on the ManageEngine application.”

VPN 127

VPN Firewall Accountability Cybersecurity 127

Penetration Testing

FEBRUARY 2, 2024

AnyDesk, a widely used remote desktop software, recently announced a significant breach within its production environment.

Penetration Testing 83

Penetration Testing Cybersecurity Authentication Software 83

Security Affairs

SEPTEMBER 29, 2021

. “US government experts pointed out that compromised VPN devicesrepresented the entry points into protected networks, for this reason, multiple nation-state actors have weaponized common known vulnerabilities to gain access to vulnerable VPN servers.” These products include custom, non-standard features to tunnel traffic via TLS.

VPN 131

VPN Government Firmware Authentication 131

Bleeping Computer

JULY 17, 2021

CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [.].

Firmware 139

Firmware Mobile Ransomware 139

Security Affairs

NOVEMBER 3, 2022

Cisco addressed multiple flaws impacting its products, including high-severity issues in identity, email, and web security solutions. Cisco addressed multiple vulnerabilities impacting some of its products, including high-severity flaws in identity, email, and web security products. ” reads the advisory.

Engineering 134

Engineering Hacking Information Security 134

The Hacker News

FEBRUARY 23, 2023

Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January 20, 2023. As many as 24 different products, including Access

90

90

Malwarebytes

OCTOBER 25, 2023

Since there are no in-product workarounds, customers are advised to apply the updates urgently. The affected products are VMware vCenter Server versions 7.0 A malicious actor with network access to could trigger an out-of-bounds write, potentially leading to remote code execution (RCE). It has a CVSS score 4.3

Software 103

Software Risk Cybersecurity 103

Malwarebytes

FEBRUARY 21, 2024

The leaked data is organized in a few groups, such as complaints about the company, chat records, financial information, products, employee information, and details about foreign infiltration. According to the leaked data, i-Soon infiltrated several government departments, including those from India, Thailand, Vietnam, South Korea, and NATO.

Penetration Testing 127

Penetration Testing Spyware Media Government 127

Security Affairs

JANUARY 5, 2024

Ivanti fixed a critical vulnerability in its Endpoint Manager (EPM) solution that could lead to remote code execution (RCE) on vulnerable servers Ivanti has released security updates to address a critical vulnerability, tracked as CVE-2023-39336 (CVSS score 9.6), impacting its Endpoint Manager (EPM) solution. and below). and prior.

Mobile 112

Mobile Authentication Hacking Software 112

eSecurity Planet

MARCH 11, 2024

This past week, both JetBrains TeamCity and Atlassian Confluence products have run into more hiccups as their string of vulnerabilities continues. JetBrains and Atlassian users should pay special attention since vulnerabilities continue cropping up in the same products. These releases fix over 30 vulnerabilities.

Authentication 96

Authentication Software VPN Security Defenses 96

CSO Magazine

NOVEMBER 21, 2022

The ability for employees to work remotely comes with many benefits, from better work-life balance to lower expenses to higher productivity. But a widely dispersed workforce can pose some great challenges for security teams, not least of which is how remote work affects security incident reporting.

Technology 105

Technology 105

Security Affairs

APRIL 22, 2024

The expert exploiting this known issue discovered the following vulnerabilities: CVE-2023-36396 Windows Compressed Folder Remote Code Execution Vulnerability – The RCE issue resides in Windows’s new extraction logic for all newly supported archive types. ” wrote Or Yair.

Software 121

Software Engineering Hacking Malware 121

CyberSecurity Insiders

APRIL 3, 2023

Companies use MDM solutions to maintain a secure environment across all the mobile devices they own or have access to, as well as provide features such as remote wipe, password policies, application management and data protection. Improved security is one of the most important reasons why businesses need MDM solutions.

Mobile 127

Mobile Data breaches Cyber threats Software 127

The Hacker News

JUNE 20, 2023

The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product to perform a command injection attack, resulting in remote code execution. It impacts VMware

91

91

CSO Magazine

FEBRUARY 21, 2023

Access control provider Alcatraz AI is adding web-based, mobile enrollment and privacy consent management to its flagship facial authentication product, the Rock, to enhance building security and ease employee and visitor registration. To read this article in full, please click here

Mobile 106

Mobile Authentication 106

Security Affairs

DECEMBER 7, 2023

Group-IB researchers discovered a previously undetected Linux remote access trojan called Krasue has been employed in attacks aimed at telecom companies in Thailand. The Krasue Remote Access Trojan (RAT) has remained undetected since at least 2021 when it was registered on Virustotal. ” concludes the report.

Malware 110

Malware Internet Internet Hacking 110