SonicWall has released a security update for a critical vulnerability in Secure Mobile Access (SMA) 1000 Series appliances. This vulnerability impacts the Appliance Management Console (AMC) and Central Management Console (CMC).
SonicWall Secure Mobile Access is described as a unified secure access gateway that provides a Secure Sockets Layer (SSL) virtual private network (VPN), context-aware device authorisation, application level VPN, and advanced authentication with federated single sign-on (SSO) for cloud and on-premises resources.
Read more…
Source: NHS Digital
Related:
- Secure those Macs: Apple must step up and support older machines
September 27, 2021
I have long advocated keeping machines up to date. When machines become too old to update, I’ve bitten the bullet and dumped them, even if they were still fully functional. With all the malware and ransomware, not to mention simple flaws that could cause a system to crash, it’s become necessary to keep machines up to ...
- Apple Patches 3 More Zero-Days Under Active Attack
September 24, 2021
Apple has patched three actively exploited zero-day security vulnerabilities in updates to iOS and macOS, one of which can allow an attacker to execute arbitrary code with kernel privileges. Apple released two updates on Thursday: iOS 12.5.5, which patches three zero-days that affect older versions of iPhone and iPod devices, and Security Update 2021-006 Catalina for ...
- Hackers are scanning for VMware CVE-2021-22005 targets, patch now!
September 22, 2021
Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution. The security flaw tracked as CVE-2021-22005 impacts all vCenter Server 6.7 and 7.0 deployments with default configurations. The flaw was reported by George Noseevich and Sergey Gerasimov of SolidLab LLC, ...
- Unpatched Apple Zero-Day in macOS Finder Allows Code Execution
September 22, 2021
A zero-day security vulnerability in Apple’s macOS Finder system could allow remote attackers to trick users into running arbitrary commands, according to researchers – and a silent patch hasn’t fixed it. For those not in the Apple camp, the macOS Finder is the default file manager and GUI front-end used on all Macintosh operating systems. It’s ...
- Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang
September 17, 2021
Criminals behind the Ryuk ransomware were early exploiters of the Windows MSHTML flaw, actively leveraging the bug in campaigns ahead of a patch released by Microsoft this week. Collaborative research by Microsoft and RiskIQ revealed campaigns by Ryuk threat actors early on that exploited the flaw, tracked as CVE-2021-40444. The bug is a remote code execution ...
- An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
September 17, 2021
Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through to April 2021. What piqued the researchers’ interest was the hacking software used by the digital spies, whom Kaspersky had dubbed ...