Security News

In a security advisory published on Wednesday, Cisco said that a critical vulnerability in Universal Plug-and-Play service of multiple small business VPN routers will not be patched because the devices have reached end-of-life. "The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process."

71% of vulnerabilities found in the first half of 2021 are classified as high or critical, and 90% are of low complexity, meaning an attacker can expect repeated success under a variety of conditions, says Claroty. Industrial cybersecurity company Claroty has released a report on the state of vulnerabilities in industrial control systems in the first half of 2021, and the data reveals several serious issues that should leave any business with an ICS system on high alert.

Researchers have discovered a vulnerability in Fortinet's FortiWeb web application firewall, and while it has been classified as high severity, the actual risk of exploitation in the wild seems low. Tod Beardsley, director of research at Rapid7, told SecurityWeek that they have not seen any information from Fortinet regarding a patch, but they do expect the vulnerability to be fixed soon.

n unpatched vulnerability in the management interface for FortiWeb, Fortinet's web application firewall, could allow a remote, authenticated attacker to execute arbitrary commands on the system, Rapid7 researcher William Vu has discovered."It requires access to the web-based management console, which, as near as we can tell, is exceedingly rare. Of the million or so Fortinet devices that are findable on the open internet, we only see something like 100 to 300 devices that have their management consoles exposed," he told Help Net Security.

Researchers at FireEye's threat intelligence and incident response unit Mandiant have identified a critical vulnerability that exposes millions of IoT devices to remote attacks. The flaw was found in a core component of the Kalay cloud platform for IoT devices offered by ThroughTek, a Taiwan-based company that provides IoT and M2M solutions for surveillance, security, smart home, cloud storage, and consumer electronics systems.

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it's working to remediate the issue in an upcoming security update. Tracked as CVE-2021-36958, the unpatched flaw is the latest to join a list of bugs collectively known as PrintNightmare that have plagued the printer service and come to light in recent months.

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it's working to remediate the issue in an upcoming security update. "A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," the company said in its out-of-band bulletin, echoing the vulnerability details for CVE-2021-34481.

The main components of the security tool are the Cobalt Strike client - also known as a Beacon - and the Cobalt Strike team server, which sends commands to infected computers and receives the data they exfiltrate. An attacker starts by spinning up a machine running Team Server that has been configured to use specific "Malleability" customizations, such as how often the client is to report to the server or specific data to periodically send.

Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. Chief among the patched issues is CVE-2021-36948, an elevation of privilege flaw affecting Windows Update Medic Service - a service that enables remediation and protection of Windows Update components - which could be abused to run malicious programs with escalated permissions.

Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. Chief among the patched issues is CVE-2021-36948, an elevation of privilege flaw affecting Windows Update Medic Service - a service that enables remediation and protection of Windows Update components - which could be abused to run malicious programs with escalated permissions.