SonicWall has released a security update for a critical vulnerability in Secure Mobile Access (SMA) 1000 Series appliances. This vulnerability impacts the Appliance Management Console (AMC) and Central Management Console (CMC).
SonicWall Secure Mobile Access is described as a unified secure access gateway that provides a Secure Sockets Layer (SSL) virtual private network (VPN), context-aware device authorisation, application level VPN, and advanced authentication with federated single sign-on (SSO) for cloud and on-premises resources.
Read more…
Source: NHS Digital
Related:
- Chinese researchers’ claimed quantum encryption crack looks unlikely
January 7, 2023
Briefly this week, it appeared that quantum computers might finally be ready to break 2048-bit RSA encryption, but that moment has passed. The occasion was the publication of an academic paper by no less than two dozen authors affiliated with seven different research institutions in China. The paper, titled “Factoring integers with sublinear resources on a superconducting ...
- CISA Releases Three Industrial Systems Control Advisories
January 5, 2023
CISA released three Industrial Control Systems (ICS) advisories on January 5 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-005-01 Hitachi Energy UNEM ICSA-23-005-02 Hitachi Energy FOXMAN-UN Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Fortinet Releases Security Updates for FortiADC
January 4, 2023
Fortinet has released a security advisory to address a vulnerability in multiple versions of FortiADC. This vulnerability may allow a remote attacker “to execute unauthorized code or commands via specifically crafted HTTP requests.” CISA encourages users and administrators to review Fortinet security advisory FG-IR-22-061 and apply the recommended updates. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Rackspace confirms Play ransomware was behind recent cyberattack
January 4, 2023
Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company’s hosted Microsoft Exchange environments. This follows a report last month by cybersecurity firm Crowdstrike, which detailed a new exploit used by the ransomware group to compromise Microsoft Exchange servers and gain access to a ...
- Netgear warns users to patch recently fixed WiFi router bug
December 29, 2022
Netgear has fixed a high-severity vulnerability affecting multiple WiFi router models and advised customers to update their devices to the latest available firmware as soon as possible. The flaw impacts multiple Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. Although Netgear did not disclose any information about the component affected by this ...
- CISA Adds Two Known Exploited Vulnerabilities to Catalog
December 29, 2022
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added ...