Security News

Protecting CNI is a difficult task, thanks to a combination of a lack of skilled professionals, legacy systems and a lack of security investment that leaves them open to attack. While one would assume that these systems should run the latest and greatest security measures, due to their sensitive nature, many of these systems operate on legacy machines that can't be reset and can't be patched.

Tens of thousands of QNAP network-attached storage devices exposed online are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. Remote threat actors can exploit this SQL injection vulnerability to inject malicious code in attacks targeting Internet-exposed and unpatched QNAP devices.

Horizon3 security researchers have released proof-of-concept code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched appliances. Earlier today, Horizon3 published the PoC exploit and explained that the RCE exploit "Abuses the various Thrift RPC endpoints to achieve an arbitrary file write."

QNAP Systems has fixed a critical vulnerability affecting QNAP network-attached storage devices, which could be exploited by remote attackers to inject malicious code into a vulnerable system.Luckily for QNAP NAS owners, there's no mention of it being exploited by attackers or an exploit being publicly available.

Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale.

QNAP is warning customers to install QTS and QuTS firmware updates that fix a critical security vulnerability allowing remote attackers to inject malicious code on QNAP NAS devices. "A vulnerability has been reported to affect QNAP devices running QTS 5.0.1 and QuTS hero h5.0.1. If exploited, this vulnerability allows remote attackers to inject malicious code,' warns the QNAP security advisory."

Critical vulnerabilities discovered in OpenEMR can be chained to gain code execution on a server running a vulnerable version of the popular open-source electronic health record system. Discovered, privately reported and now publicly documented by researcher Dennis Brinkrolf, the vulnerabilities have been promptly patched by the OpenEMR maintainers at the end of November 2022.

How to tackle the cybersecurity skills shortage in the EUIn this Help Net Security Dritan Saliovski, Director - Nordic Head of Cyber M&A, Transaction Advisory Services at Aon, offers some pointers, as well as advice to organizations on how to attract and retain the best cybersecurity talent. ENISA gives out toolbox for creating security awareness programsThe European Union Agency for Cybersecurity has made available Awareness Raising in a Box, a "Do it yourself" toolbox to help organizations in their quest to create and implement a custom security awareness raising program.

Akamai researchers have published a PoC exploit for a critical vulnerability in Windows CryptoAPI, which validates public key certificates. "An attacker could manipulate an existing public x.509 certificate to spoof their identity and perform actions such as authentication or code signing as the targeted certificate," Microsoft said in October 2022, when they announced fixes for vulnerable Windows and Windows Server versions.

Proof of concept exploit code has been released by Akamai researchers for a critical Windows CryptoAPI vulnerability discovered by the NSA and U.K.'s NCSC allowing MD5-collision certificate spoofing. Unauthenticated attackers can exploit this bug in low-complexity attacks.