Security News

Sophos has patched an actively exploited remote code execution vulnerability in its Firewall solutions, and has pushed the fix to customers who have automatic installation of hotfixes enabled.CVE-2022-3236 is a code injection vulnerability in the User Portal and Webadmin of Sophos Firewall.

Critical ManageEngine RCE flaw is being exploitedThe US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog. 3 free Linux security training courses you can take right nowLearning how to effectively navigate and interact with Linux can be an important part of your learning journey in cybersecurity.

Security software company Sophos has warned of cyberattacks targeting a recently addressed critical vulnerability in its firewall product.The issue, tracked as CVE-2022-3236, impacts Sophos Firewall v19.0 MR1 and older and concerns a code injection vulnerability in the User Portal and Webadmin components that could result in remote code execution.

Sophos warned today that a critical code injection security vulnerability in the company's Firewall product is being exploited in the wild. The company says it has released hotfixes for Sophos Firewall versions affected by this security bug and older) that will roll out automatically to all instances since automatic updates are enabled by default.

The US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog. CVE-2022-35405 is a remote code execution vulnerability that can be exploited to execute arbitrary code on affected installations of Password Manager Pro and PAM360 without prior authentication, and on Access Manager Plus with prior authentication.

The Cybersecurity and Infrastructure Security Agency has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs exploited in the wild."The exploit POC for the above vulnerability is available in public," ManageEngine warned customers in July when it issued security patches to address this issue.

Security software firm Trend Micro warned customers today to patch an actively exploited Apex One security vulnerability as soon as possible. "Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution," the company explained in a security advisory published today.

Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage devices. Tracked as CVE-2022-34747, the issue relates to a "Format string vulnerability" affecting NAS326, NAS540, and NAS542 models.

Networking device maker Zyxel is warning customers today of a new critical remote code execution vulnerability impacting three models of its Networked Attached Storage products. "A format string vulnerability was found in a specific binary of Zyxel NAS products that could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet," explains the advisory.

Phishing PyPI users: Attackers compromise legitimate projects to push malwarePyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. DDoS tales from the SOCIn this Help Net Security video, Bryant Rump, Principal Security Architect at Neustar Security Services, talks about the challenges of mitigating immense DDoS attacks.