News

Critical vulnerabilities at Fortinet
B2B Cyber Security ShortNews

The Federal Office for Information Security (BSI) warns of a security vulnerability in several versions of the Fortinet operating system FortiOS, which is used in the manufacturer's firewalls. The vulnerability allows unauthenticated external attackers to execute code and commands via crafted HTTP requests. Under the Common Vulnerability Scoring System (CVSS), the vulnerability is rated “critical” with a score of 9.8. The US security authority CISA, like the BSI, has issued a warning and states that the security vulnerability in FortiOS is already being actively exploited by attackers. Fortinet has…

Outlook: Calendar entry can steal password

There is a new vulnerability in Outlook and three ways to access NTLM v2 hashed passwords. Access is possible through the calendar function and double headers via a calendar entry. Experts have discovered the vulnerability and are warning about it. Varonis Threat Labs discovered the new Outlook vulnerability (CVE-2023-35636) and three new ways to exploit it. These make it possible to obtain NTLM v2 hashed passwords from Outlook, Windows Performance Analyzer (WPA) and Windows File Explorer. With access to these hashed passwords, attackers can attempt an offline brute force attack or an authentication relay attack to compromise an account and gain access. Unpatched…

Email vulnerability: BSI warns of SMTP smuggling

With SMTP smuggling, an email can be split so that spoofed senders bypass authentication mechanisms such as SPF, DKIM and DMARC. While large companies and email service providers Microsoft, GMX and Ionos immediately blocked smuggling, Cisco continues to regard the dangerous behavior as a feature, according to the BSI. On December 18, cybersecurity firm SEC Consult released information about a new attack technique using “Simple Mail Transfer Protocol (SMTP) Smuggling.” With SMTP smuggling, attackers take advantage of the fact that different SMTP implementations interpret the marking of the end of an email message differently. SPF, DKIM and DMARC undermined you...

Veeam ONE: Hotfix for critical vulnerabilities is available 

Veeam is informing its users about two critical and two medium vulnerabilities in Veeam ONE for which patches are already available. The critical vulnerabilities have CVSS v3 scores of 9.9 and 9.8 out of 10. Those responsible should therefore act immediately. The vulnerabilities with the identifiers CVE-2023-38547 and CVE-2023-38548 pose a high level of danger in Veeam ONE. The following versions are affected: Veeam ONE 12 P20230314 (12.0.1.2591), Veeam ONE 11a (11.0.1.1880) and Veeam ONE 11 (11.0.0.1379). Two critical vulnerabilities in Veeam ONE: The first vulnerability, CVE-2023-38547, with a CVSS v3.1 score of 9.9 in Veeam ONE allows an unauthenticated user to…

Vulnerability in Citrix ShareFile

Tenable Research has discovered a current security vulnerability in Citrix - specifically in Citrix ShareFile. If this vulnerability is exploited, an attacker could steal credentials or tokens, execute code in the context of the victim's browser, or perform a variety of other dangerous actions. Despite the potential impact of the vulnerability, Citrix has chosen not to release information about this issue or notify customers after the issue has been patched. Customers are completely dependent on the cloud providers to resolve the reported issues and must blindly trust that…

Another 10.0 vulnerability in Endpoint Manager Mobile

After the first 10.0 vulnerability in Ivanti Endpoint Manager Mobile (EPMM) in July, the BSI again warns of another 10.0 vulnerability. This time, the CVE-2023-35082 vulnerability affects all versions of the EPMM. A script to close the vulnerability is available. However: Old versions can no longer be protected! After the Federal Office for Information Security (BSI) had already warned of a vulnerability in the Endpoint Manager Mobile - EPMM (formerly MobileIron Core) in July, the manufacturer Ivanti has now published information on another security gap. According to Common…

More vulnerabilities in MOVEit

The threat obviously goes further: discovery of another vulnerability for unauthorized SQL injection. MOVEit needs to be patched again to prevent cyberattacks. Vulnerabilities are discovered every day, and attackers keep checking to see if they can monetize a new vulnerability. When a new vulnerability is confirmed, we as defenders need to consider two things: how difficult it would be for the attackers to exploit the vulnerability, and how likely it is that it will be exploited. The latter usually depends on the degree of distribution of the affected software: the more widespread it…

MOVEit Disaster: 3rd Vulnerability - Run 3rd Patch!

Manufacturer Progress Software has only just released the 2nd update for MOVEit Transfer and MOVEit Transfer Cloud, and the company is now quickly adding a patch for a 3rd vulnerability. Just one day earlier, it was said that no further vulnerabilities were expected. Again it is a SQL injection vulnerability - a patch is essential! The report on the 2nd vulnerability has only just appeared here on B2B-Cyber-Security.de, and a report on the 3rd vulnerability follows right away. Companies using MOVEit Transfer must patch the vulnerability. The right patch is already available...

Attacked vulnerability in Samsung smartphones running Android 12, 13

One of the vulnerabilities that Samsung's May update closes is even listed by CISA (Cybersecurity and Infrastructure Security Agency) as CVE-2023-21492. According to CISA, the vulnerability is even being actively exploited. Samsung's automatic system update alleviates the problem. The CVE-2023-21492 vulnerability describes a security hole in Samsung mobile devices caused by the insertion of sensitive information into log files. CISA not only lists the vulnerability, but also indicates that it is already being actively exploited. However, there is no further indication of the form in which this occurs. Samsung May update closes…

Zoom: Highly Dangerous Vulnerabilities

An update is recommended for users of Zoom clients on various systems. Of the currently reported vulnerabilities, two are classified as highly dangerous and three others as moderately dangerous. Zoom provides appropriate security updates for Android, iOS, Linux, macOS and Windows. The vulnerabilities reported by Zoom are rated 8.3 and 7.2 according to CVSS. These are not considered critical, but should be patched immediately. Zoom provides suitable patches or software updates for this. Vulnerabilities with CVSS 8.3 and 7.2: The first vulnerability, with CVSS 8.3, concerns the “Incorrect implementation of trust boundary for SMB in Zoom clients”…
