FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now

By: Newsroom
Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). β€œThe two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern,” Jon Williams, a senior security

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack

By: Newsroom
A new zero-day security flaw has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.8) that was released

New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products

By: THN
SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information. Of the 15 shortcomings (tracked from CVE-2023-34123 through CVE-2023-34137), four

China-linked Hackers Targeting Unpatched SonicWall SMA Devices with Malware

By: Ravie Lakshmanan
A suspecting China-linked hacking campaign has been observed targeting unpatched SonicWallΒ Secure Mobile Access (SMA) 100 appliancesΒ to drop malware and establish long-term persistence. "The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades," cybersecurity company MandiantΒ saidΒ in a technical report published this week. The

SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products

By: Ravie Lakshmanan
Network security company SonicWall on Friday rolled out fixes to mitigate a critical SQL injection (SQLi) vulnerability affecting its Analytics On-Prem and Global Management System (GMS) products. The vulnerability, tracked asΒ CVE-2022-22280, is rated 9.4 for severity on the CVSS scoring system and stems from what the company describes is an "improper neutralization of special elements" used in
❌