Security News

This bug could be exploited for unauthorised remote code execution on Microsoft Exchange 2016 and 2019, and was patched in the November 2021 Patch Tuesday updates. The silver lining, if there is such a thing for any zero-day hole, is that the attacker first needs to be authenticated to the Exchange server.

It followed this up with a memorandum on improving cybersecurity for critical infrastructure control systems. Cities don't often have the expertise or resources to secure systems well or monitor for these kinds of attacks, and the attackers only have to succeed once.

Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Because of its ubiquitous nature, UPnP is used by a wide variety of devices, including personal computers, networking equipment, video game consoles and internet of things devices.

The U.S. Cybersecurity and Infrastructure Security Agency is warning of critical vulnerabilities affecting Philips Tasy electronic medical records system that could be exploited by remote threat actors to extract sensitive personal data from patient databases. "Successful exploitation of these vulnerabilities could result in patients' confidential data being exposed or extracted from Tasy's database, give unauthorized access, or create a denial-of-service condition," CISA said in a medical bulletin issued on November 4.

Critical RCE in Palo Alto Networks firewalls revealed, patch ASAP!The existence of a critical RCE vulnerability affecting certain versions of Palo Alto Networks firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. Vulnerabilities in Nucleus NET TCP/IP stack could lead to real-world damageResearchers have unearthed 13 vulnerabilities affecting the Nucleus NET TCP/IP stack and have demonstrated how attackers could exploit them to cause serious real-world damage.

The existence of a critical RCE vulnerability affecting certain versions of Palo Alto Networks firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. The vulnerability has been patched, but since there are still over 10,000 vulnerable internet-facing installations out there, Randori will refrain from publishing technical details related to the vulnerability for a month, to give affected organizations enough time to patch.

A critical security bug in the Citrix Application Delivery Controller and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate.Citrix also addressed a lower-severity bug that is likewise due to uncontrolled resource consumption.

The survey revealed that as data becomes more complex, and data rules and regulations expand and evolve, new challenges such as data privacy, security, and quality have emerged that threaten to hinder data initiatives. Further, the survey revealed that sensitive data use is on the rise, and the tasks associated with managing sensitive data - data cataloging, data discovery, and access control - are the most challenging.

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service, and information leak. Collectively called "NUCLEUS:13," successful attacks abusing the flaws can "Result in devices going offline and having their logic hijacked," and "Spread[ing] malware to wherever they communicate on the network," researchers from Forescout and Medigate said in a technical report published Tuesday, with one proof-of-concept successfully demonstrating a scenario that could potentially disrupt medical care and critical processes.

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service, and information leak. Collectively called "NUCLEUS:13," successful attacks abusing the flaws can "Result in devices going offline and having their logic hijacked," and "Spread[ing] malware to wherever they communicate on the network," researchers from Forescout and Medigate said in a technical report published Tuesday, with one proof-of-concept successfully demonstrating a scenario that could potentially disrupt medical care and critical processes.