Security News

Critical Veeam RCE bug now used in Frag ransomware attacks
2024-11-08 20:23

After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. [...]

D-Link won’t fix critical flaw affecting 60,000 older NAS devices
2024-11-08 19:21

More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit. [...]

Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)
2024-11-08 11:36

A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure...

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
2024-11-08 05:17

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited...

CISA warns of critical Palo Alto Networks bug exploited in attacks
2024-11-07 19:03

Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration...

HPE warns of critical RCE flaws in Aruba Networking access points
2024-11-07 15:47

Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points. [...]

Cisco scores a perfect CVSS 10 with critical flaw in its wireless system
2024-11-07 11:48

Ultra-Reliable Wireless Backhaul doesn't live up to its name Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert.…

Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)
2024-11-07 09:28

Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) affecting its Ultra-Reliable Wireless Backhaul (URWB) Access Points that can be exploited via a HTTP requests and allows...

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
2024-11-07 09:08

Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers...

Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices
2024-11-05 09:34

Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as...