SonicWall has released a security update for a critical vulnerability in Secure Mobile Access (SMA) 1000 Series appliances. This vulnerability impacts the Appliance Management Console (AMC) and Central Management Console (CMC).
SonicWall Secure Mobile Access is described as a unified secure access gateway that provides a Secure Sockets Layer (SSL) virtual private network (VPN), context-aware device authorisation, application level VPN, and advanced authentication with federated single sign-on (SSO) for cloud and on-premises resources.
Read more…
Source: NHS Digital
Related:
- US federal payroll agency hacked using SolarWinds software flaw
February 2, 2021
The FBI has discovered that the National Finance Center (NFC), a U.S. Department of Agriculture (USDA) federal payroll agency, was compromised by exploiting a SolarWinds Orion software flaw, according to a Reuters report. NFC provides human resources and payroll services to roughly 170 federal agencies and over 650,000 federal employees since 1973. The software vulnerability used to ...
- SonicWall zero-day exploited in the wild
February 1, 2021
Cyber-security firm the NCC Group said on Sunday that it detected active exploitation attempts against a zero-day vulnerability in SonicWall networking devices. Details about the nature of the vulnerability have not been made public to prevent other threat actors from studying it and launching their own attacks. “We’ve seen it used by a single threat actor earlier ...
- Pro-Ocean: Rocke Group’s New Cryptojacking Malware
January 28, 2021
In 2019, Unit 42 researchers documented cloud-targeted malware used by the Rocke Group to conduct cryptojacking attacks to mine for Monero. Since then, cybersecurity companies have had the malware on their radar, which hampered Rocke Group’s cryptojacking operation. In response, the threat actors updated the malware. Here, we uncover a revised version of the same cloud-targeted ...
- Apple Patches Three Actively Exploited Zero-Days, Part of iOS Emergency Update
January 27, 2021
Apple continues to put out potential security fires by patching zero-day vulnerabilities, releasing an emergency update this week to patch three more recently discovered in iOS after a major software update in November already fixed three that were being actively exploited. The newly patched bugs are part of a security update released Tuesday for iOS 14.4 ...
- A look at Linux, Threats, Risks, and Recommendations
January 26, 2021
Linux, which started as a personal project 30 years ago, is presently one of the most powerful operating systems dominating cloud platforms and servers around the world today. In fact, Linux usage has now exceeded that of Windows on Azure, Microsoft’s own cloud platform. Linux is also undeniably ubiquitous. According to the Linux Foundation’s 2017 State ...
- Bugs in Signal, Facebook, Google chat apps let attackers spy on users
January 20, 2021
Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users’ surroundings without permission before the person on the other end picked up the calls. The logic bugs were found by Google Project Zero security researcher Natalie Silvanovich in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now ...