1. Home
  2. Cybersecurity Events

Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

phpFox Social Platform fixes critical remote code execution flaw
published: Oct. 30, 2023
A critical vulnerability in the phpFox social platform allowes unauthorized attackers to compromise user communities, and despite initial dismissiveness, the developers eventually released a patch in version 4.8.14.
Take action: If you are using phpFox, it's prudent to update to the latest version.
D-LINK DAR-7000 vulnerable to critical SQL Injection
published: Oct. 28, 2023
The D-Link DAR-7000 router, which reached its End of Life in 2015, has a SQL injection vulnerability (CVE-2023-42406 with a CVSS3 score of 9.8) allowing potential unauthorized access. D-Link no longer supports or updates such legacy products, and users should replace the products or if possible use open source firmware.
Ubiquiti reports critical security vulnerability in the UniFi Network application
published: Oct. 27, 2023
Ubiquiti, renowned for its networking solutions, has identified and addressed a critical vulnerability in its UniFi Network application, urging users to update to version 7.5.187 for security, especially given the company's past cybersecurity challenges.
F5 reports critical vulnerability in their BIG-IP product
published: Oct. 27, 2023
F5 has warned its customers of a critical vulnerability (CVE-2023-46747) in its BIG-IP product, affecting multiple versions, which allows unauthenticated attackers to remotely execute code and potentially compromise over 6,000 internet-facing instances, including those of government agencies and Fortune 500 companies.
Take action: If you are using F5 BIG-IP, wake up your team and have them check whether it's visible from the internet. If it is, lock it down immediately. Then proceed to download the mitigation script, review it and execute it if applicable. Finally, patch your BIG-IP.
Critical vulnerability in NextGen Mirth Connect exposes data
published: Oct. 26, 2023
Mirth Connect by NextGen HealthCare has a critical security flaw (CVE-2023-43208) that allows unauthorized remote code execution, with versions dating back to 2015/2016 affected. Users are urged to update to version 4.4.1 released on October 6, 2023, to ensure protection.
Take action: If your organization is using Mirth Connect, start patching ASAP. As a temporary workaround, you can try to use it only via trusted isolated network connections to partners, but that's usually a difficult proposition for a multi-platform integration system. Patching is still a great choice for this system.
Rockwell Automation Stratix routers vulnerable to Cisco IOS XE vulnerability
published: Oct. 25, 2023
Rockwell Automation has reported an actively exploited vulnerability in Cisco IOS XE software affecting specific versions of Stratix products. Cisco has released a patch as of October 23. Affected customers should apply mitigating measures and seek guidance from Rockwell Automation on updating their devices.
Take action: Comb through all Rockwell 5200 and 5800 routers disable the WebUI/HTTP server on the internet facing interfaces and check for unknown user accounts. Then work with Rockwell to apply the patch ASAP.
Cisco finally releases patches for IOS XE vulneabilities
published: Oct. 25, 2023
Cisco has issued patches for two zero-day vulnerabilities in its Cisco IOS XE system software, offering them for download on its software portal, addressing CVE-2023-20198 and CVE-2023-20273, which allowed attackers to gain privileged access and execute root-level commands.
Take action: Now you can patch your Cisco IOS XE routers. We sincerely hope you have already deactivated the HTTP server on public interfaces, and haven't been hacked. Don't delay the patch, since someone may attack the same HTTP server on an internal interface.
VMware reports critical vulnerability in vCenter
published: Oct. 25, 2023
VMware has addressed the critical CVE-2023-34048 security vulnerability in vCenter Server, allowing potential remote exploitation, with security patches available - even for end of life products. Although no active exploitation has been detected the company advises strict network access control.
Take action: Even though officially there is no workaround, firts make sure that your vCenter network access is locked only to trusted network. Considering the critical nature of these vulnerability and the fact that even end-of-life versions got a patch, start planning to patch immediately.
SolarWinds Acces Rights tool critically vulnerable, exposes remote takeover
published: Oct. 20, 2023
Multiple vulnerabilities, including three classified as critical, have been discovered in SolarWinds Access Rights Manager (ARM), a tool for managing and auditing user access rights. These vulnerabilities could allow remote attackers to execute code with SYSTEM privileges, potentially granting them full control over the victim's machine. SolarWinds has released a patch in version 2023.2.1 of ARM to address these issues.
Take action: If your Solar Winds ARM is exposed to the internet, PATCH NOW! If it's properly locked in an internal network, have a proper patch planning discussion and implement the patch systematically. Just don't ignore the vulnerabilities.
Oracle October Update has patches for over 387 Vulnerabilities
published: Oct. 18, 2023
Oracle's recent Critical Patch Update includes 387 security patches for various product families, providing vulnerability information to allow customers to assess risks, urging them to apply patches promptly, while also advising consideration of product version upgrades.
Take action: We can't give a straightforward advice on this advisory. Over 380 patches across a lot of product families requires a lot of review and testing. Especially since the patches are available only for customers with advanced support packages. It's wise for the engineering teams to take out the time to review the advisory.