Cisco patches vulnerabilities in SD-WAN, Small Business routers and other products

Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.

Continue Reading Cisco patches vulnerabilities in SD-WAN, Small Business routers and other products

Legacy QNAP NAS devices vulnerable to zero-day cyberattacks

Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.

Continue Reading Legacy QNAP NAS devices vulnerable to zero-day cyberattacks

CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.

Continue Reading CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (updated)

Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277)

Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.

Continue Reading Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277)