News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: BSI

BSI: Vulnerability with 9.4 in Citrix NetScaler ADC and Gateway 
23 October 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The BSI has issued a critical warning about a CVSS 9.4 vulnerability for the products Citrix NetScaler Application Delivery Controller and NetScaler Gateway. The vulnerability gives attackers access to sensitive information without authentication. According to specialist Mandiant, the vulnerability has been exploited for a long time. According to the BSI, the manufacturer Citrix published an advisory on vulnerabilities in the products NetScaler Application Delivery Controller (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) on October 10, 2023. The one critical security vulnerability is identified according to Common Vulnerabilities and Exposures (CVE) under the...

Read more

Cisco: Web UI of IOS XE with 10.0 vulnerability
18 October 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The BSI warns of an actively exploited vulnerability in the Cisco Web UI of IOS XE. The CVE-2023-20198 vulnerability has the highest CVSS score of 10.0 and is therefore critical. Many switches, routers and WLAN controllers are at risk. On October 16, Cisco released an advisory regarding an unpatched and actively exploited vulnerability in the Web UI of IOS XE. The vulnerability with the identifier CVE-2023-20198 allows remote, unauthenticated attackers to create new accounts (with level 15 access rights) on the affected system. Attackers are therefore able to take control of affected…

Read more

BSI: 10.0 Vulnerability in Atlassian Confluence Data Center
6 October 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The BSI – Federal Office for Information Security – warns of a critical CVSS 10.0 vulnerability in Atlassian Confluence Data Center and servers. Companies should apply security patches immediately, otherwise attackers could create administrator accounts. Atlassian itself had issued an advisory about the critical vulnerability with CVSS value 10.0 (CVE-2023-22515), but the BSI has now also issued a warning about a 10.0 vulnerability. Companies should urgently patch Confluence Data Center and servers because the gap should make it possible to create admin accounts. Whether and how strong the…

Read more

When hackers exploit unsecured video conferences 
August 24, 2023
| No comments
| PR News
When hackers exploit unsecured video conferences - Image by Alexandra_Koch on Pixabay

German companies and municipalities risk enormous damage from cyber attacks in the near future. Highly secure video conferences, certified by the BSI, are one aspect that can ward off hacker attacks. Many video platforms have security gaps and make companies vulnerable. The economy currently lacks more than 100.000 specialists for cybersecurity - a need that cannot be met in the foreseeable future. The good news is that companies cannot only increase the security of their IT infrastructure by hiring cybersecurity experts. When securing your own video conferences, for example, it already helps to switch to highly secure software to make life difficult for criminals.

Read more

Cyber ​​danger Akira ransomware
July 30, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Ransomware is one of the biggest threats facing businesses. This was also confirmed by the BSI in its report on the situation of IT security in Germany in 2022. One of the best known and most notorious ransomware groups was Conti. This criminal organization formed the basis for other threat actors that split off from the ransomware group. One of these groups is Akira ransomware. What is Akira? Akira is a relatively new, fast-growing ransomware group, first observed in March 2023, that uses the ransomware-as-a-service (RaaS) model. RaaS are service and tool offerings related to ransomware, with which even relatively inexperienced…

Read more

BSI warns: Citrix ADC with critical 9.8 vulnerability
July 21, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The BSI - Federal Office for Information Security - reports an active exploitation of a vulnerability in the Citrix Application Delivery Controller (ADC). The vulnerability managed with the CVE-2023-3519 has a CVSS value of 9.8 out of 10 and is critical! An update is available. On 18.07.2023/2023/3519 the manufacturer Citrix announced a critical vulnerability in the products NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). The vulnerability is listed under the number CVE-9.8-XNUMX according to Common Vulnerabilities and Exposures (CVE) and has a score of XNUMX according to CVSS.

Read more

BSI: Critical 9.8 vulnerabilities in Nessus vulnerability scanner
July 6, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The Federal Office for Information Security (BSI) warns of critical 9.8 vulnerabilities in Nessus, the vulnerability scanner, which can check not only known vulnerabilities but also software patch levels and configurations. According to Tenable, a quick update is recommended. According to Tenable, the makers of the Nessus Network Monitor vulnerability scanner, the platform uses third-party software to provide certain functionality. Now, the company has discovered that several third-party components have many highly dangerous and even critical vulnerabilities. Therefore, the providers have made an updated version available. Fix 174 vulnerabilities with one version The…

Read more

BSI reports: FortiOS with highly dangerous vulnerabilities
June 15, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

In its security warning WID-SEC-2023-1438, the BSI reports that attackers can use several vulnerabilities to carry out a DoS attack in Fortinet FortiOS or to implement any code. Fortinet's Product Security Incident Response Team (PSIRT) provides update guidance. The BSI's report on the vulnerabilities in FortiOS links directly to Fortinet's Product Security Incident Response Team (PSIRT). There the high risk vulnerabilities are listed with CVSSv3 scores of 6,4, 7,3 and 8,3. However, the BSI writes of an 8,8 rating. FortiOS vulnerability: Attackers can launch DoS attack This means the vulnerabilities and…

Read more

BSI warns: Thunderbird with highly dangerous 7,8 vulnerabilities
June 14, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Experts and specialists have found highly dangerous vulnerabilities in Thunderbird that are classified as highly dangerous according to CVSS with a value of 7,8. The CVE-2023-34416 and CVE-2023-34414 vulnerabilities contain a memory security flaw and allow clickjacking. An update to version 102.12 ends the danger. The popular e-mail client Thunderbird has two vulnerabilities that are considered highly dangerous with a CVSS value of 7,8. The BSI has also communicated the security information under number WID-SEC-2023-1414. The bugs are easy to fix. An update to Thunderbird version 102.12 is sufficient. However, many users and companies have the default setting for Thunderbird...

Read more

AOK – MOVEit hack: CLOP Group issues ultimatum until June 14th 
June 9, 2023
| No comments
| PR News
AOK - MOVEit hack: CLOP Group issues ultimatum until June 14th

A few days ago it became known that the MOVEit data transfer software used by the AOK had a blatant vulnerability. The BSI even registered a data leak. In the meantime, there is an ultimatum on the website of the CLOP APT group: companies affected worldwide must report by June 14 and pay a ransom for their data, otherwise everything will be published. While some experts are still arguing about who exploited and attacked the MOVEit Transfer vulnerability worldwide, the APT group released a statement on their leak page. There it is stated that a large number of companies store masses of data…

Read more

© 2024 MedPressIT GbR
Cookie Settings