Security News

StrikeReady launched StrikeReady Recon, a combination of internal and external intelligence that provides a cross-section of the most active and in-the-wild campaigns, intrusions, and attacks targeting organizations globally, assisting them in protecting their mission-critical infrastructure and systems. Because of this, StrikeReady has developed a threat model-based approach aka StrikeReady Recon for organizations to prioritize and focus on threats that affect their operations or goals.

SonicWall has issued an "Urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life Secure Mobile Access 100 series and Secure Remote Access products. "Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access 100 series and Secure Remote Access products running unpatched and end-of-life 8.x firmware in an imminent ransomware campaign using stolen credentials," the company said.

SonicWall has issued an "Urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life Secure Mobile Access 100 series and Secure Remote Access products. "Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access 100 series and Secure Remote Access products running unpatched and end-of-life 8.x firmware in an imminent ransomware campaign using stolen credentials," the company said.

Cybersecurity researchers have disclosed new security vulnerabilities in the Etherpad text editor that could potentially enable attackers to hijack administrator accounts, execute system commands, and even steal sensitive documents. The two flaws - tracked as CVE-2021-34816 and CVE-2021-34817 - were discovered and reported on June 4 by researchers from SonarSource, following which patches have been shipped for the latter in version 1.8.14 of Etherpad released on July 4.

The Texas-based company that became the epicenter of a massive supply chain attack late last year, has issued patches to contain a remote code execution flaw in its Serv-U managed file transfer service. The fixes, which target Serv-U Managed File Transfer and Serv-U Secure FTP products, arrive after Microsoft notified the IT management and remote monitoring software maker that the flaw was being exploited in the wild.

The 'ModiPwn' bug lays open production lines, sensors, conveyor belts, elevators, HVACs and more that use Schneider Electric PLCs. A critical remote code-execution vulnerability in Schneider Electric programmable logic controllers has come to light, which allows unauthenticated cyberattackers to gain root-level control over PLCs used in manufacturing, building automation, healthcare and enterprise environments. If exploited, attackers could impact production lines, sensors and conveyor belts in factory settings, according to the researchers at Armis who discovered the bug - as well as affect devices familiar to the everyday consumer, such as elevators, HVACs and other automated devices.

Eleven critical bugs in Adobe's popular and free PDF reader, Acrobat, open both Window and macOS users to attacks ranging from an adversary arbitrarily executing commands on a targeted system to data leakage tied to system-read and memory flaws. The free Acrobat Reader 2020 and PDF-creation and editing software Acrobat 2020 were among the list of those programs with critical bugs patched.

Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. The Mountain View, Calif.-based Adobe urged Windows and macOS users to treat the PDF Reader patch with the utmost priority, because the flaws expose machines to remote code execution and privilege escalation attacks.

A vulnerability affecting some of Schneider Electric's Modicon programmable logic controllers can be exploited to bypass authentication mechanisms, allowing attackers to take complete control of the targeted device. It can be exploited by an unauthenticated attacker who has network access to the targeted PLC. The exploit chain demonstrated by Armis also involves several other vulnerabilities discovered over the past few years.

Researchers at Armis discovered an authentication bypass vulnerability in Schneider Electric's Modicon programmable logic controllers that can lead to remote-code-execution. Modicon M580. The vulnerability, dubbed ModiPwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 and other models from the Modicon series.