Articles tagged with: #Cybersecurity

• CISA Issues Urgent Directive for F5 Device Vulnerabilities Amid Nation-State Cyberattack

  The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive ordering federal agencies to take immediate action against vulnerabilities in F5 devices. This directive follows the compromise of F5 systems by a nation-state affiliated cyber actor, leading to data exfiltration and potential attacks on federal networks.

• Urgent: SQL Injection Vulnerability Discovered in Fayton.Pro ERP Software

  A critical SQL injection vulnerability has been found in Fayton Software's fayton.Pro ERP, potentially allowing cyber attackers to exploit user data. Users are urged to take immediate action.

• Critical Security Flaw in Backuply Plugin Could Allow File Deletion

  The Backuply plugin for WordPress, crucial for backup and migration, is at risk of exploitation due to a flaw in its file deletion feature, potentially allowing attackers to delete important files on your server.

• Seagate Toolkit on Windows Vulnerability Alert: Update Your Software Now

  A security flaw in the Seagate Toolkit installation process could allow malicious software to run on your computer. Users need to update to protect themselves.

• Active Exploitation — Adobe ColdFusion CVE-2023-26360 Enables Initial Access

  CISA has confirmed that threat actors exploited a critical flaw (CVE-2023-26360) in Adobe ColdFusion, allowing arbitrary code execution on vulnerable systems. The issue affects ColdFusion 2018 (Update 15 and earlier), 2021 (Update 5 and earlier), and unsupported versions 2016 and 11. At least two public-facing servers at a Federal Civilian Executive Branch (FCEB) agency were compromised between June and July 2023.

• Cybersecurity Alert: Samsung Apps Vulnerable to Data Access Risks

  Recent vulnerabilities in Samsung applications could expose user data to unauthorized access. Users are urged to update their apps to ensure safety.

• Critical Cisco Software Vulnerability Exposes Devices to Remote Attacks

  A serious security issue in multiple Cisco software products could allow attackers to gain control of affected devices through crafted web requests.

• Security Alert: Etsy Shop Plugin Vulnerabilities Put Your Website at Risk

  A critical flaw in the Etsy Shop WordPress plugin could allow harmful code to be injected into your site, putting your visitors at risk.

• #StopRansomware: Medusa Ransomware - A Growing Cyber Threat

  Explore the emergence of Medusa Ransomware, its impact across various sectors, and steps organizations can take to mitigate risks as detailed in the recent cybersecurity advisory by the FBI, CISA, and MS-ISAC.

• Xbox Gaming Services Elevation of Privilege Vulnerability

  A new security flaw in Xbox Gaming Services could let attackers gain higher access to files on your system.