PAN-OS vulnerabilities add to a torrid year for enterprise software bugs

Cybersecurity researchers on Wednesday revealed four new vulnerabilities in enterprise software used by thousands of companies around the world that, if exploited, could be used to steal data from internal networks. The bugs in the PAN operating system (PAN-OS) made by Palo Alto Networks add to a growing list of vulnerabilities in widely used corporate software that researchers have uncovered in 2020. Some of those vulnerabilities, such as a flaw in software made by Citrix, have been used in espionage and other hacking operations. In the case of the PAN-OS flaws, which security firm Positive Technologies found, CyberScoop has not seen evidence that hackers have successfully exploited them. Palo Alto Networks released fixes for all of the vulnerabilities and told customers to apply them. One of the more critical vulnerabilities could allow a hacker who first accesses the software’s management interface to plant malicious code in the operating system and obtain […]

Vulnerabilities discovered in PAN-OS, which powers Palo Alto Networks’ firewalls

Palo Alto Networks remediated vulnerabilities in PAN-OS (operating system version 8.1 or later). Attackers can use these vulnerabilities to gain access to sensitive data or develop the attack to gain access to the internal segments of the network of a…

Citrix releases fix for software bug that hackers ‘will move quickly to exploit’

A newly revealed set of vulnerabilities in popular software made by Citrix, whose clients include Fortune 500 companies, could let hackers who exploit the bugs gain control of a mobile server and steal sensitive data. The Florida-based company, which has dealt with multiple critical vulnerabilities this year, has released fixes for the new round of bugs and urged customers to apply them. “While there are no known exploits as of this writing, we do anticipate malicious actors will move quickly to exploit,” Citrix CISO Fermin J. Serna wrote in a blog post Tuesday. The bugs are in a software product known as Citrix Endpoint Management or XenMobile, which allows clients to remotely connect to corporate networks with their mobile devices. Exploiting one of the bugs could let a hacker steal domain account credentials for a corporate network, according to Andrey Medov, a security researcher at Positive Technologies, which found the […]

Attackers are exploiting Cisco ASA/FTD flaw in search for sensitive data

An unauthenticated file read vulnerability (CVE-2020-3452) affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software is being exploited by attackers in the wild. For the moment, it seems that it is being used just to…

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence Fusion Team has discovered.

NCC Group Infosec (@NCCGroupInfosec), July 7, 2020: On CVE-2020-5902 (K52145254) @TeamAresSec reported publicly at 18:24 the mitigation could be bypassed, we saw it used in the wild at 12:39 for the first time – upgrade don’t mitigate – https://t.co/sSr4JIZwu3

“Early data made available to us, as of …

Cyber Command backs ‘urgent’ patch for F5 security vulnerability

One of the largest providers of enterprise networking equipment in the world, F5 Networks, has issued a security fix for a major vulnerability that, if exploited, could result in a “complete system compromise.” F5’s BIG-IP is among the most popular networking gear in use today, with adoption through government networks, internet service providers, and cloud computing data centers. If security administrators fail to patch the new vulnerability, though, attackers could wreak havoc on their systems, according to information security specialists. Mikhail Klyuchnikov, the senior web application security researcher at Positive Technologies who uncovered the flaw, estimated that there are approximately 8,000 vulnerable devices exposed to the internet. The remote code execution vulnerability, called CVE-2020-5902, affects the BIG-IP products’ Traffic Management User Interface (TMUI), which can function as load balancers, firewalls, rate limiters, and web traffic shaping systems. Attackers who exploit the weakness can execute arbitrary system commands, create files, delete files, or disable services, according to […]

Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit

Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks’ BIG-IP multi-purpose networking devices, to install coin-miners, IoT malware, or to scrape administrator credentials from the hacked devices. …

The dark web is flooded with offers to purchase corporate network access

There is a flood of interest in accessing corporate networks on the dark web, according to Positive Technologies. In Q1 2020, the number of postings advertising access to these networks increased by 69 percent compared to the previous quarter. This may…

Critical Citrix RCE Flaw Still Threatens 1,000s of Corporate LANs

RCE and myriad other types of attacks could take aim at the 19 percent of vulnerable companies that haven’t yet patched CVE-2019-19781.