SonicWall has released a security update for a critical vulnerability in Secure Mobile Access (SMA) 1000 Series appliances. This vulnerability impacts the Appliance Management Console (AMC) and Central Management Console (CMC).
SonicWall Secure Mobile Access is described as a unified secure access gateway that provides a Secure Sockets Layer (SSL) virtual private network (VPN), context-aware device authorisation, application level VPN, and advanced authentication with federated single sign-on (SSO) for cloud and on-premises resources.
Read more…
Source: NHS Digital
Related:
- Critical RCE Flaw in Palo Alto Gateways Hits Uber
July 22, 2019
A remote code-execution (RCE) vulnerability has been uncovered in the GlobalProtect portal and GlobalProtect Gateway interface security products from Palo Alto Networks. It’s an unusual zero-day case, having been previously unknown but inadvertently fixed in later releases — but some large companies could still be impacted, including Uber. The gateways provide virtual private network (VPN) access to ...
- Sodin ransomware exploits Windows vulnerability and processor architecture
July 3, 2019
When Sodin (also known as Sodinokibi and REvil) appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle Weblogic vulnerability and carrying out attacks on MSP providers. In a detailed analysis, we discovered that it also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows (rare among ransomware), and uses legitimate processor ...
- Cyberwarfare in space: Satellites at risk of hacker attacks
July 2, 2019
There’s an urgent need for NATO and its member countries to address the cybersecurity of space-based satellite control systems because they’re vulnerable to cyberattacks – and if left unaddressed, it could have severe consequences for global security, a new paper from a major thinktank on international affairs has warned. Almost all modern military engagements rely on space-based assets, ...
- US Cyber Command issues alert about hackers exploiting Outlook vulnerability
July 2, 2019
US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks. The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in the October 2017 Patch Tuesday. The Outlook bug, discovered and detailed by security researchers from SensePost, allows a threat actor to escape from the Outlook ...
- Newly-Discovered Malware Targets Unpatched MacOS Flaw
June 25, 2019
Researchers have discovered never-before-seen Mac malware samples, which they believe are being developed to target a recently-disclosed vulnerability in the MacOS operating system. The vulnerability, a bypass that was disclosed in May and has yet to be patched by Apple, exists in the MacOS Gatekeeper security feature, which verifies downloaded applications before allowing them to run on Macs. ...
- New Echobot malware is a smorgasbord of vulnerabilities
June 17, 2019
If there’s one thing that seems to have no end in sight is malware authors putting their own spin on the old Mirai malware and creating new botnets to haunt the IoT and enterprise landscapes. Not a month goes by without a new major botnet appearing out of nowhere and launching massive attacks against people’s smart ...