News

BSI warns: exploitation of a vulnerability in MS Outlook
B2B Cyber Security ShortNews

The BSI warns of a vulnerability in Outlook that is apparently already being actively exploited. The vulnerability has a CVSS score of 9.8 and is therefore considered critical. Microsoft is already providing an update that should be installed immediately if it has not been installed automatically. On March 14, 2023, Microsoft released updates for numerous vulnerabilities as part of its monthly Patch Day, including several patches for security vulnerabilities that are classified as "critical" according to the Common Vulnerability Scoring System (CVSS) with values of 9.0 and higher. Important patch ready In the…

SonicOS: Vulnerability Can Crash Firewall
B2B Cyber Security ShortNews

SonicWall reports a highly dangerous vulnerability in its firewall operating system SonicOS: a stack-based buffer overflow allows remote attackers to crash the affected firewall, causing a Denial of Service (DoS). SonicWall has had to report a dangerous vulnerability in SonicOS with a rating of 7.5 (High). CVE-2023-0656 describes the dangerous issue: "The stack-based buffer overflow vulnerability in SonicOS allows a remote, unauthenticated attacker to trigger Denial of Service (DoS), which could lead to an affected firewall crashing." However, SonicWall states that the vulnerability has not yet been actively exploited. But this is well known...

Microsoft Word with critical 9.8 vulnerability
B2B Cyber Security ShortNews

Every Word user should check whether their copy of Word has already been updated by Microsoft. CVE-2023-21716 describes a critical vulnerability with a severity level of 9.8 out of 10 according to CVSS 3.1. Checking the version is quite simple. Microsoft published a Word vulnerability with a severity level of 9.8 out of 10 according to CVSS 3.1. This critical vulnerability allows malicious code to be injected when a manipulated Rich Text Format (.rtf) document is opened. Although Microsoft describes the danger of the vulnerability on its website, it does not provide any further information. This information can be found at…

Europe: Thousands of VMware ESXi servers attacked with ransomware
B2B Cyber Security ShortNews

According to the BSI (Federal Office for Information Security), thousands of servers running VMware's ESXi virtualization solution were infected with ransomware in a widespread global attack, and many were also encrypted. The regional focus of the attacks on the VMware ESXi servers was on France, the USA, Germany and Canada; other countries are also affected. The perpetrators took advantage of a long-known vulnerability in the application's OpenSLP service, which triggered a "heap overflow" and ultimately allowed code to be executed remotely. In the meantime…

Lexmark SMB printers with critical 9.0 vulnerability
B2B Cyber Security ShortNews

Lexmark reports two vulnerabilities in over 120 relatively new printer models. Many of the devices are also aimed at the SME sector and have network access. According to CVSSv3, one vulnerability has a base score of 9.0 and is therefore considered “critical”. Users of the models should urgently update the firmware, as remote attackers could run code. In Lexmark's list of current security advisories, there are two current entries for which a firmware update is recommended. According to the Common Vulnerability Scoring System Version 3.0 (CVSSv3 for short), the CVE-2023-22960 vulnerability has a score of…

Log4j: 72 percent of companies at risk

According to a study based on data from over 500 million tests, 72 percent of organizations remain at risk from the Log4j vulnerability. The data highlights the problems in fixing security vulnerabilities. When Log4Shell was discovered in December 2021, companies around the world tried to determine their risk. In the weeks after the vulnerability became known, companies reallocated their resources and invested tens of thousands of hours identifying and remediating the problem. One state's federal cabinet reported that its security team spent 33,000 hours just fixing the...

Vulnerability in Netgear router allows external access
Tenable news

Tenable has discovered a vulnerability in a new NETGEAR router. The popular WiFi 6 router is known for its large area coverage and is also used by micro-businesses. With old firmware, the router can be reached from outside via IPv6. Tenable's ZeroDay research team found a network misconfiguration in the NETGEAR Nighthawk WiFi6 Router (RAX30 AX2400) running firmware up to v1.0.7.78. The new update with firmware V1.0.9.90 fixes the security problem. External attack via IPv6 possible The bug inadvertently enabled unrestricted communication with all services running over IPv6 on the WAN (Internet Facing) port of the…

Cisco: Vulnerabilities in Secure Email and Web Manager
B2B Cyber Security ShortNews

Cisco is reporting security vulnerabilities in its Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management products. Attackers could perform a SQL injection attack or gain root privileges. Updates are ready. Multiple vulnerabilities in the next-generation UI management interface for Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an attacker to elevate privileges or to perform a SQL injection attack and gain root privileges. Cisco Vulnerability Updates CVE-2022-20868 Affects…

Critical vulnerability in Apple devices
B2B Cyber Security ShortNews

Apple recently released a software update for iOS and iPadOS 15.6.1 to fix a zero-day kernel vulnerability identified as CVE-2022-32917. This critical vulnerability in Apple devices allows code execution with kernel privileges. Lookout explains how. Apple is aware of a report mentioning active exploitation of the vulnerability in the wild. This vulnerability could allow a maliciously crafted application to execute arbitrary code with kernel privileges. This CVE could affect Apple iPhone, iPad and iPod Touch models, meaning anyone using one of these devices will have their device immediately…

BlackByte hijacks EDR solutions with “Bring Your Own Driver” principle
SophosNews

The security specialists from Sophos uncovered a new ploy by the relatively young ransomware gang BlackByte. The group uses the "Bring Your Own Driver" principle to bypass more than 1,000 drivers used in Endpoint Detection and Response (EDR) solutions industry-wide. Sophos describes the attack tactics, techniques and procedures (TTPs) in the new report “Remove all the Callbacks – BlackByte Ransomware Disables EDR via RTCore64.sys Abuse”. BlackByte, which was named as a threat to critical infrastructure in a special report by the Secret Service and FBI earlier this year, surfaced in May after a brief hiatus...
