Security News > 2022 > May > Week in review: F5 BIG-IP flaw, critical bugs in Aruba and Avaya network switches, Patch Tuesday forecast
TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switchesArmis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches.
Critical F5 BIG-IP flaw allows device takeover, patch ASAP!F5 Networks' BIG-IP multi-purpose networking devices/modules are vulnerable to unauthenticated remote code execution attacks via CVE-2022-1388.
Password tips to keep your accounts safeUswitch.com conducted a consumer survey to find out how the UK chooses their passwords, how safe they are and how often they have been hacked.
How is the U.S. government preparing for critical infrastructure attacks?In this video for Help Net Security, Paul Caiazzo, Advisor at Avertium, talks about critical infrastructure attacks, their potential impact, and what the U.S. government is doing to prepare for them.
How to identify vulnerabilities with NMAPIn this video for Help Net Security, Shani Dodge Reiner, Development Team Leader at Vicarius, explains how to identify vulnerabilities using the NMAP tool.
How to enhance your cyber defense program with CIS SecureSuiteJoin this webinar to learn how you can prioritize your security program to meet the requirements of regulatory and compliance frameworks with the CIS Critical Security Controls and CIS Benchmarks, as well as how to assess and implement secure configurations at scale.
News URL
Related news
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Exploit code released for critical Ivanti RCE flaw, patch now (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) (source)
- HPE Aruba Networking fixes critical flaws impacting Access Points (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-05 | CVE-2022-1388 | Missing Authentication for Critical Function vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. | 9.8 |