Fortinet
- 9 August 2022: Life After Death—SmokeLoader Continues to Haunt Using Old Vulnerabilities
FortiGuard Labs examines SmokeLoader, a malware variant that exploits CVE-2017-0199 and CVE-2017-11882 in its deployment chain. Read our analysis blog to learn about the latest sample.
- 8 August 2022: Q&A with Chris Nguyen, Fortinet Channel Sales Engineer
Channel Sales Engineers are an important part of doing business with partners. Learn more about this technical role as part of our ongoing series to profile careers in cybersecurity. Read to learn more.
- 4 August 2022: Ransomware Roundup: Redeemer, Beamed, and More
The latest edition of the Ransomware Roundup from FortiGuard Labs covers the Redeemer, Beamed, and Araicrypt ransomware. Read to learn more about protections against these variants.
- 4 August 2022: Advancing Artificial Intelligence-Enabled Cybersecurity in Network Detection Response
Artificial Intelligence (AI) can play a significant role in advancing cybersecurity of network detection. Read to learn about advancements in AI development, and how this can help CISOs overcome challenges in network detection and response.
- 4 August 2022: A Journey to Network Protocol Fuzzing – Dissecting Microsoft IMAP Client Protocol
Hardening network applications by performing a source code audit or fuzzing is a mission-critical task to minimize attack vectors from evolving threats. FortiGuard Labs provides some takeaways and learnings from the fuzzer development perspective. Read more.
- 3 August 2022: So RapperBot, What Ya Bruting For?
FortiGuard Labs is tracking a rapidly evolving IoT malware family known as RapperBot. Read to learn how this threat infects and persists on a victim’s device.
- 2 August 2022: Cybersecurity Career Pathways for Women
As organizations look to hire and retain talent to help fill the cyber skills gap, women offer skills and diverse perspectives the industry needs. Read to learn more about one woman’s career path in cybersecurity.
- 1 August 2022: Fileless Malware: What It Is and How It Works
Read about what fileless malware is along with the stages of an attack, the common techniques used by cybercriminals, and tips for detecting these types of threats.
- 1 August 2022: The Current and Future State of Smart OT Security
A Smart Industry report highlights OT security strategies that CISOs can employ to support their digital transformation efforts while guarding against evolving cyber threats. Read to learn more.
- 28 July 2022: Fortinet Internship Program Helps Prepare the Cyber Workforce of the Future
National Intern Day celebrates interns and the impactful work they do. We spoke with Fortinet interns to learn more about their work and what they’ve gained from their internships.
Aruba
- 26 July 2022: Vulnerability in Aruba Virtual Intranet Access (VIA)
Aruba has released an update to Aruba Virtual Intranet Access (VIA) that addresses a security vulnerability in the Aruba VIA client for the Microsoft Windows operating system. This vulnerability does not affect Aruba VIA clients for other operating systems.
- 21 July 2022: Multiple Vulnerabilities in Expat XML processing library
Multiple CVEs have been disclosed that involve the faulty handling of XML input by the Expat application and library. These CVEs impact multiple Aruba products.
- 21 July 2022: Faulty OpenSSL Handling of Certificates Containing Elliptic Curve Public Keys Leading to Denial of Service
A CVE has been disclosed that involves the faulty handling of certain certificates by OpenSSL. This CVE impacts multiple Aruba products.
- 21 June 2022: Heap Overflow Vulnerabilities Within ArubaOS-Switch Devices
The Armis Research Team has discovered multiple heap overflow vulnerabilities with various networking vendors. ArubaOS-Switch devices are affected by these vulnerabilities in the affected versions. Exploitation of these vulnerabilities allows attackers to execute arbitrary code on the affected device.
- 4 May 2022: ClearPass Policy Manager Multiple Vulnerabilities
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.
- 6 April 2022: AOS-CX Switches Multiple Vulnerabilities
Aruba has released updates for wired switch products running AOS-CX that address multiple security vulnerabilities.
- 6 April 2022: Multiple CVEs involving Spring Cloud and Spring Framework
Three CVEs have been published about various vulnerabilities discovered in the Spring Framework and Spring Cloud.
- 5 April 2022: Aruba Instant On Switch Denial of Service Vulnerabilities
Aruba has discovered two Denial of Service vulnerabilities in Aruba Instant On 1930 Switches. CVE-2021-41005 requires authentication to be exploited and CVE-2021-41004 can be exploited without supplying any authentication information.
- 1 February 2022: Local Privilege Escalation in polkit’s pkexec
The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program installed in many major Linux distributions. Exploitation of this vulnerability allows any unprivileged local user to gain full root privileges on the affected host.
- 1 February 2022: 9000 Series Gateways Multiple UEFI Vulnerabilities
On February 1st, 2022, multiple vulnerabilities in the UEFI implementation of Insyde H20 BIOS were made public. Aruba 9000 Series Gateways are affected by these vulnerabilities.
Cisco
- 8 August 2022: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability
A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are …
- 3 August 2022: Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerabilit …
- 3 August 2022: Cisco Webex Meetings Web Interface Vulnerabilities
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no w …
- 3 August 2022: Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address th …
- 3 August 2022: Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to excessive verbosity in a specific REST API output. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit coul …
- 3 August 2022: Cisco Unified Communications Manager Arbitrary File Deletion Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to delete arbitrary files from an affected system. This vulnerability exists because the affected software does not properly validate HTTP requests. An …
- 2 August 2022: Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authen …
- 20 July 2022: Cisco IoT Control Center Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of …
- 20 July 2022: Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields withi …
- 20 July 2022: Cisco Nexus Dashboard Privilege Escalation Vulnerabilities
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious …
Google Online Security Blog