Security News

US Cyber Command has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately.The USCYBERCOM unit also stressed the importance of patching vulnerable Confluence servers as soon as possible: "Please patch immediately if you haven't already- this cannot wait until after the weekend."

Enterprise security and network appliance vendor F5 has released patches for more than two dozen security vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions, including accessing arbitrary files, escalating privileges, and executing JavaScript code. Chief among them is CVE-2021-23031, a vulnerability affecting BIG-IP Advanced Web Application Firewall and BIG-IP Application Security Manager that allows an authenticated user to perform a privilege escalation.

Enterprise security and network appliance vendor F5 has released patches for more than two dozen security vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions, including accessing arbitrary files, escalating privileges, and executing JavaScript code. Chief among them is CVE-2021-23031, a vulnerability affecting BIG-IP Advanced Web Application Firewall and BIG-IP Application Security Manager that allows an authenticated user to perform a privilege escalation.

Cisco Systems on Wednesday issued patches to address a critical security vulnerability affecting the Application Policy Infrastructure Controller interface used in its Nexus 9000 Series Switches that could be potentially abused to read or write arbitrary files on a vulnerable system. " A successful exploit could allow the attacker to read or write arbitrary files on an affected device," the company said in an advisory.

Cisco Systems on Wednesday issued patches to address a critical security vulnerability affecting the Application Policy Infrastructure Controller interface used in its Nexus 9000 Series Switches that could be potentially abused to read or write arbitrary files on a vulnerable system. " A successful exploit could allow the attacker to read or write arbitrary files on an affected device," the company said in an advisory.

Microsoft has finally published guidance today for the actively exploited ProxyShell vulnerabilities impacting multiple on-premises Microsoft Exchange versions. Although Microsoft fully patched the ProxyShell bugs by May 2021, they didn't assign CVE IDs for the vulnerabilities until July, preventing some orgs with unpatched servers from discovering that they had vulnerable systems on their networks.

The US Cybersecurity and Infrastructure Security Agency issued its first alert tagged as "Urgent," warning admins to patch on-premises Microsoft Exchange servers against actively exploited ProxyShell vulnerabilities. "Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207," CISA warned over the weekend.

A second unofficial patch for the Windows PetitPotam NTLM relay attack has been released to fix further issues not addressed by Microsoft's official security update. In July, security researcher GILLES Lionel, aka Topotam, disclosed a new technique called 'PetitPotam' that performs unauthenticated forced authentication on domain controllers using various functions in the MS-EFSRPC API. Microsoft's security update is not complete.

The fix means that only administrators will be able to install print drivers on Windows PCs. Microsoft has finally patched the last in a series of security vulnerabilities in its Windows Print Spooler service that could have allowed attackers to remotely control an affected system and install malicious programs or create new accounts. On Tuesday, the company pushed out its August Patch Tuesday lineup, which included a fix for the Print Spooler Remote Code Execution Vulnerability to address this specific issue.

Siemens and Schneider Electric on Tuesday released 18 security advisories addressing a total of more than 50 vulnerabilities affecting their products. Siemens has released 10 new advisories for the August 2021 Patch Tuesday and they cover a total of 32 vulnerabilities.