Security News

Cybersecurity researchers on Wednesday disclosed multiple security vulnerabilities impacting CODESYS automation software and the WAGO programmable logic controller platform that could be remotely exploited to take control of a company's cloud operational technology infrastructure. The flaws can be turned "Into innovative attacks that could put threat actors in position to remotely control a company's cloud OT implementation, and threaten any industrial process managed from the cloud," the New York-headquartered industrial security company Claroty said in a report shared with The Hacker News, adding they "Can be used to target a cloud-based management console from a compromised field device, or take over a company's cloud and attack PLCs and other devices to disrupt operations."

Juniper Networks has shipped security patches to cover numerous vulnerabilities across its product portfolio, including a series of critical bugs in third-party software used in the company's products. The most important of the vulnerabilities is CVE-2021-0276, a stack-based buffer overflow in Juniper Networks SBR Carrier with EAP. An attacker could exploit it by sending specific packets to cause a denial of service condition or to execute code remotely, Juniper warned in an advisory.

Cisco's Talos threat intelligence and research unit has disclosed the details of several critical vulnerabilities affecting a router monitoring application made by Taiwan-based industrial and IoT solutions provider Advantech. The affected tool is R-SeeNet, which is designed to help network administrators monitor their Advantech routers.

According to Keeper Security's Workplace Password Malpractice Report, many remote workers aren't following best practices for password security. In February 2021, Keeper surveyed 1,000 employees in the U.S. about their work-related password habits - and discovered that a lot of remote workers are letting password security go by the wayside.

Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited. A critical remote code-execution vulnerability in Juniper Networks' Steel-Belted Radius Carrier Edition lays open wireless carrier and fixed operator networks to tampering.

Hackers have started targeting a critical WooCommerce vulnerability only days after patches started rolling out, patchstack says. WooCommerce is a popular open-source eCommerce plugin for WordPress, with more than 5 million installations to date, making it an attractive target for cybercriminals.

Cloudflare has fixed a critical vulnerability in its free and open-source CDNJS potentially impacting 12.7% of all websites on the internet. CDNJS serves millions of websites with over 4,000 JavaScript and CSS libraries stored publicly on GitHub, making it the second-largest JavaScript CDN. The vulnerability exploits comprised publishing packages to Cloudflare's CDNJS using GitHub and npm, to trigger a Path Traversal vulnerability, and eventually remote code execution.

A critical SQL-injection security vulnerability in the WooCommerce e-commerce platform and a related plugin has been under attack as a zero-day bug, researchers have disclosed. The exploitation prompted WooCommerce to release an emergency patch for the issue late on Wednesday.

StrikeReady launched StrikeReady Recon, a combination of internal and external intelligence that provides a cross-section of the most active and in-the-wild campaigns, intrusions, and attacks targeting organizations globally, assisting them in protecting their mission-critical infrastructure and systems. Because of this, StrikeReady has developed a threat model-based approach aka StrikeReady Recon for organizations to prioritize and focus on threats that affect their operations or goals.

SonicWall has issued an "Urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life Secure Mobile Access 100 series and Secure Remote Access products. "Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access 100 series and Secure Remote Access products running unpatched and end-of-life 8.x firmware in an imminent ransomware campaign using stolen credentials," the company said.