Security News

Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to mount other attacks. "An attacker can exploit them to gain code execution rights, with the former requiring physical access while the latter can be accomplished remotely. A successful attack will allow an adversary to achieve various objectives, including stealing information or using the compromised machine as a beachhead for future attacks against an organization."

LzLabs announced the results of its latest global survey, conducted by Vanson Bourne, revealing that the desire to migrate, modernize and embrace cloud for critical mainframe applications is rapidly increasing amongst global IT decision makers. The survey of 650 IT leaders globally has confirmed that the trend of new IT modernization options being performed off the mainframe is continuing, with organizations seeking to reduce system breaks between applications on legacy platforms and those on open systems and the cloud.

Telos unveiled findings from a research conducted by Vanson Bourne that explores how organizations approach network and critical IT asset protection. The study, which polled 250 information technology, IT security, legal and risk/fraud/compliance professionals, revealed that 99 percent of organizations believe an attack on their critical IT assets would have repercussions not just for their organizations, but for society at large.

This bug could be exploited for unauthorised remote code execution on Microsoft Exchange 2016 and 2019, and was patched in the November 2021 Patch Tuesday updates. The silver lining, if there is such a thing for any zero-day hole, is that the attacker first needs to be authenticated to the Exchange server.

It followed this up with a memorandum on improving cybersecurity for critical infrastructure control systems. Cities don't often have the expertise or resources to secure systems well or monitor for these kinds of attacks, and the attackers only have to succeed once.

Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Because of its ubiquitous nature, UPnP is used by a wide variety of devices, including personal computers, networking equipment, video game consoles and internet of things devices.

The U.S. Cybersecurity and Infrastructure Security Agency is warning of critical vulnerabilities affecting Philips Tasy electronic medical records system that could be exploited by remote threat actors to extract sensitive personal data from patient databases. "Successful exploitation of these vulnerabilities could result in patients' confidential data being exposed or extracted from Tasy's database, give unauthorized access, or create a denial-of-service condition," CISA said in a medical bulletin issued on November 4.

Critical RCE in Palo Alto Networks firewalls revealed, patch ASAP!The existence of a critical RCE vulnerability affecting certain versions of Palo Alto Networks firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. Vulnerabilities in Nucleus NET TCP/IP stack could lead to real-world damageResearchers have unearthed 13 vulnerabilities affecting the Nucleus NET TCP/IP stack and have demonstrated how attackers could exploit them to cause serious real-world damage.

The existence of a critical RCE vulnerability affecting certain versions of Palo Alto Networks firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. The vulnerability has been patched, but since there are still over 10,000 vulnerable internet-facing installations out there, Randori will refrain from publishing technical details related to the vulnerability for a month, to give affected organizations enough time to patch.

A critical security bug in the Citrix Application Delivery Controller and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate.Citrix also addressed a lower-severity bug that is likewise due to uncontrolled resource consumption.