News


MOVEit team warns of critical WS-FTP 10.0 vulnerability
B2B Cyber Security ShortNews

According to Progress Software, the maker of the MOVEit software, many users run the server version of its WS-FTP data transfer software. WS-FTP now has a critical vulnerability rated 10.0, and this comes right after the disastrous attack on MOVEit. Once again, users should patch immediately. The shock of the MOVEit vulnerability still runs deep among many users. A few months ago, the CLOP ransomware gang, also spelled “Cl0p”, was able to exploit various serious security holes and steal and encrypt data. Now all inputs to the MOVEit software are blocked, but the FTP software for data exchange WS-FTP for...


Exim mail server: 0-day exploits require update

The widely used mail server Exim has a vulnerability with a CVSS score of 9.8 out of 10 that should be fixed immediately. Trend Micro's Zero Day Initiative alerted the provider to the vulnerabilities. There has been a response and a security update is now being offered. Exim has already registered 6 zero-day exploits. Trend Micro's Zero Day Initiative has discovered a serious vulnerability with a CVSS score of 9.8 out of 10 in the widely used Exim mail server. Apparently there are already 6 zero-day exploits targeting the vulnerability. At least that's what Exim itself writes. On the Exim page you can find...


Ford infotainment system vulnerable via WiFi

The growing use of IT in cars also brings with it susceptibility to errors and weak points. Ford has had to report that its SYNC3 infotainment system is vulnerable via WiFi. However, this is said not to affect the driving safety of the vehicle. Ford warns of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles, which could allow remote code execution, but says it does not affect the vehicle's driving safety. The infotainment system enables in-vehicle WiFi hotspots, phone connectivity, voice commands or third-party applications. 12 Ford models from 2021 and 2022…


Another 10.0 vulnerability in Endpoint Manager Mobile

After the first 10.0 vulnerability in Ivanti Endpoint Manager Mobile (EPMM) in July, the BSI is warning of another 10.0 vulnerability. This time, the vulnerability, CVE-2023-35082, affects all versions of EPMM. A script to close the vulnerability is available. However, old versions can no longer be protected! After the Federal Office for Information Security (BSI) had already warned of a vulnerability in Endpoint Manager Mobile (EPMM, formerly MobileIron Core) in July, the manufacturer Ivanti has now published information on another security gap. According to Common…


Ivanti fixes 10.0 vulnerability in Endpoint Manager Mobile

CISA, the Cybersecurity and Infrastructure Security Agency, warns of the critical 10.0 vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and recommends updating immediately. Otherwise, unauthenticated access to API paths is possible. The update is ready. The American CISA reports that the critical vulnerability CVE-2023-35078 in Ivanti's Endpoint Manager Mobile (EPMM), which has the maximum CVSS value of 10.0, should be closed immediately. Ivanti provides a corresponding update. The discovered vulnerability allows unauthenticated access to certain API paths. An attacker with access to these…


Vulnerability in EDR solutions

A leading digital business and IT services company has identified a vulnerability in various Endpoint Detection and Response (EDR) products in its cybersecurity lab. All systems worldwide that are secured with the tested EDR solutions are affected. NTT Data supports affected manufacturers and partners in closing the security gap immediately. Temporary weaknesses of this type can be exploited by attackers using a so-called living-off-the-land attack to execute malicious code via components of the operating system. This code is usually kept in a format that is difficult to recognize or is downloaded from external sources. In addition, the use of operating system components makes it more difficult…


BSI warns: Citrix ADC with critical 9.8 vulnerability

The BSI, the Federal Office for Information Security, reports active exploitation of a vulnerability in the Citrix Application Delivery Controller (ADC). The vulnerability, tracked as CVE-2023-3519, has a CVSS value of 9.8 out of 10 and is critical! An update is available. On 18.07.2023 the manufacturer Citrix announced a critical vulnerability in the products NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). The vulnerability is listed under the number CVE-2023-3519 according to Common Vulnerabilities and Exposures (CVE) and has a score of 9.8 according to CVSS.


Mirai botnet is targeting the first solar parks

The portal Ars Technica reports that hundreds of Internet-connected devices in solar parks are still not patched against a critical and actively exploited vulnerability. Attackers can easily disrupt operations remotely or gain a foothold in the systems. The Mirai botnet already seems to be exploiting the vulnerability. The devices, sold under the SolarView brand name by Contec, based in Osaka, Japan, help people at solar arrays monitor the amount of electricity they're generating, storing and distributing. According to Contec, around 30,000 power plants have introduced the devices,…


More vulnerabilities in MOVEit

The threat obviously goes further: another vulnerability allowing unauthorized SQL injection has been discovered. MOVEit needs to be patched again to prevent cyberattacks. Vulnerabilities are discovered every day, and attackers keep checking to see if they can monetize a new vulnerability. When a new vulnerability is confirmed, we as defenders need to consider two things: how difficult it would be for the attackers to exploit the vulnerability, and how likely it is that it will be exploited. The latter usually depends on the degree of distribution of the affected software: the more widespread it…


MOVEit leak: CLOP group leaks another 30 company names

It's like a bottomless pit: in just one week, the CLOP group has leaked another 30 company names that are said to be victims of the attack on the MOVEit vulnerability. Now there are well over 80 victims, some of whom are prominent. Much of the data is already completely online. The currently published list has now grown to 82 names. Most company names are international and not based in Germany. The group of users of the MOVEit software solution for data exchange, which was vulnerable weeks ago, is smaller in Germany than initially assumed. Nevertheless, experts speak behind closed doors of good...
