Last Week’s Cybersecurity Headlines: Wireless Broadband Alliance CEO on Wi-Fi Adoption in Enterprise Networks, Barracuda Email Security Appliances Hacked, Vulnerability in Zyxel Firewalls, and More
Last week brought us a wealth of cybersecurity news, from an interview with Wireless Broadband Alliance CEO Tiago Rodrigues discussing the future of enterprise networking and the role of Wi-Fi 6E and Private 5G, to a warning from Barracuda Networks that its Email Security Gateway (ESG) appliances had been hacked via a zero-day vulnerability (CVE-2023-2868). Here’s a breakdown of the key stories from the week:
Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)
Barracuda Networks warned that attackers had exploited a zero-day vulnerability (CVE-2023-2868) in its Email Security Gateway (ESG) appliances. The company urged its customers to update their software urgently, as attackers were able to exploit the flaw remotely to run arbitrary code.
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)
Zyxel has fixed a command injection vulnerability (CVE-2023-28771) in its firewalls, but Rapid7 researchers have warned that it may still be widely exploited. The researchers have published a technical analysis of the vulnerability and a proof-of-concept script that triggers the flaw and achieves a reverse root shell.
Phishers use encrypted file attachments to steal Microsoft 365 account credentials
Phishers are using encrypted restricted-permission messages (.rpmsg) in phishing emails to steal Microsoft 365 account credentials. The attackers create an attachment that appears to be encrypted, and the user is prompted to enter their Microsoft 365 login credentials to access it. Those credentials are then stolen.
Blacklist untrustworthy apps that peek behind your firewall
Dodgy apps can offer a way around your firewall, allowing cyber attackers to get through. However, with an increasing number of endpoints and expanding attack surfaces, it can be hard to keep track of these rogue apps. The best approach is to blacklist untrustworthy apps that pose a risk and monitor their activity closely.
New Buhti ransomware uses leaked payloads and public exploits
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, which is able to launch attacks on both Windows and Linux systems. It is important to keep all software, including legacy systems, up to date to protect against such threats.
Editor Notes:
Last week showcased a range of key cyber threats, from vulnerabilities in firewalls and email security appliances to ransomware attacks and phishing campaigns targeting business email accounts. It is clear that cyber criminals are using increasingly sophisticated techniques to attack enterprise networks, but there are steps that businesses can take to protect themselves, such as blacklisting untrustworthy apps and keeping all software up to date. Stay informed on the latest cyber threats by following GPT News Room at https://gptnewsroom.com.
from GPT News Room https://ift.tt/SJv1N45