VPNs European companies abused: suspected Chinese hackers
Hackers exploit critical vulnerabilities worldwide to gain control of Ivanti VPN appliances. Compromised VPNs are in Germany, the United Kingdom, Italy, and the Netherlands.
That's according to new figures from security company Censys. On Jan. 10, Ivanti announced that its product had vulnerabil... Read more
Ivanti EPMM vulnerability actively exploited
A known vulnerability in Ivanti Endpoint Manager Mobile is currently being actively exploited. Device management solution MobileIronCore is also vulnerable.
The U.S. security regulator CISA warns of this. The vulnerability is hits many Internet-connected devices. For example, data from Shodan sh... Read more
UEFI firmware vulnerabilities hit enterprise environments worldwide
Nine vulnerabilities in EDK II hit enterprise environments worldwide. Researchers at France's Quarkslab discovered that this open-source standard for the UEFI specification can be abused by malicious actors. These exploits are then very difficult to detect or remove.
The nine vulnerabilities are... Read more
When is a critical vulnerability actually dangerous?
Dozens of new vulnerabilities surface every day. These vary widely, with CVE scores ranging from 0 to 10. The higher the score, the more alarming the messaging. Interestingly, the most dangerous cyber threats quite often don't achieve a high score on this scale. As an organization, how do you know ... Read more
Juniper firewalls and switches hit by RCE vulnerability
A vulnerability in Juniper Networks' Junos OS operating system for its SRX and EX Series firewalls and switches allows these network devices to be attacked by hackers to execute malicious code.
A vulnerability is found in the J-Web configuration tool for the firewalls and switches. This vulnerab... Read more
GitLab accounts vulnerable to takeover, patch available
GitLab is warning users about a critical vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). The vulnerability in question, CVE-2023-7028, allows hackers to take over accounts. Patches have already been released.
According to GitLab, the CVE-2023-7028 vulnerability makes ... Read more
150,000 WordPress sites at risk due to vulnerable SMTP plug-in
A popular WordPress plug-in intended to send emails faster has been found to leave 150,000 websites vulnerable to a takeover. The developer of the POST SMTP plugin has acted swiftly, meaning a patch is already available.
Wordfence reports that the vulnerability was submitted during a bug bounty ... Read more
Critical vulnerability in EPM software Ivanti lets hackers take over core server
Ivanti's Endpoint Management (EPM) software contains a critical vulnerability that allows hackers to hijack even the core server. This is not the first time Ivanti has been hit by a vulnerability in its software during the period of one year.
Ivanti continues to find vulnerabilities in its softw... Read more
11 million servers still vulnerable to Terrapin SSH attack
A global scan shows that about 11 million servers are still vulnerable to the recently discovered Terrapin SSH vulnerability. However, security experts estimate that its impact is not significant, despite the strong possibility that the vulnerability will remain present for several years.
The re... Read more
Decades after its debut, SMTP still enables new phishing techniques
A new form of e-mail spoofing was revealed this week: "SMTP Smuggling." The vulnerability allows threat actors to produce highly believable phishing emails. Although it seems decades past the time to move away from the ancient protocol, SMTP is here to stay.
The new method bypasses email protect... Read more