Security News

A remote code execution flaw in the open-source Apache Commons Text library has some people worried that it could turn into the next Log4Shell. However, most cybersecurity researchers say it is...

HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobalt Strike is a commercial red-team framework that's mainly used for adversary simulation, but cracked versions of the software have been actively abused by ransomware operators and espionage-focused advanced persistent threat groups alike.

Aruba has released security updates for the EdgeConnect Enterprise Orchestrator, addressing multiple critical severity vulnerabilities that enable remote attackers to compromise the host. Aruba EdgeConnect Orchestrator is a widely used WAN management solution, offering enterprise users optimization, administration, automation, and real-time visibility and monitoring features.

A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and perform arbitrary operations on the underlying machine. "A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox," GitHub said in an advisory published on September 28, 2022.

A still unpatched vulnerability in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. Zimbra Collaboration is cloud-hosted collaboration software suite that also includes an email server component and a web client component.

A severe remote code execution vulnerability in Zimbra's enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. While a fix is yet to be released, Zimbra is urging users to install the "Pax" utility and restart the Zimbra services.

Hackers are actively exploiting an unpatched remote code execution vulnerability in Zimbra Collaboration Suite, a widely deployed web client and email server. Zimbra released a security advisory on September 14 to warn system administrators to install Pax, a portable archiving utility, and restart their Zimbra servers to replace cpio, which is the vulnerable component.

Sophos has patched an actively exploited remote code execution vulnerability in its Firewall solutions, and has pushed the fix to customers who have automatic installation of hotfixes enabled.CVE-2022-3236 is a code injection vulnerability in the User Portal and Webadmin of Sophos Firewall.

Critical ManageEngine RCE flaw is being exploitedThe US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog. 3 free Linux security training courses you can take right nowLearning how to effectively navigate and interact with Linux can be an important part of your learning journey in cybersecurity.

Security software company Sophos has warned of cyberattacks targeting a recently addressed critical vulnerability in its firewall product.The issue, tracked as CVE-2022-3236, impacts Sophos Firewall v19.0 MR1 and older and concerns a code injection vulnerability in the User Portal and Webadmin components that could result in remote code execution.