mitigations
-
Blog
New Ubuntu Linux security bypasses require manual mitigations
Three security bypasses have been discovered in Ubuntu Linux’s unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components. The issues allow local unprivileged users to create user namespaces with full administrative capabilities and impact Ubuntu versions 23.10, where unprivileged user namespaces restrictions are enabled, and 24.04 which has them active by default. Linux…
Read More » -
Blog
Citrix shares mitigations for ongoing Netscaler password spray attacks
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. In March, Cisco reported that threat actors were conducting password spray attacks on the Cisco VPN devices. In some cases, these attacks caused a denial-of-service state, allowing the company to find a DDoS vulnerability they fixed in October.…
Read More » -
Blog
Everything you need to know about the Cleo file transfer vulnerability, including affected products, patches, and temporary mitigations
A vulnerability in the popular managed file transfer (MFT) service from software company Cleo is being actively exploited by threat actors, researchers have warned. Reports from multiple security firms have warned that three different Cleo products were being attacked in the wild, including Cleo Harmony, the firm’s widely-used file transfer service capability. VLTrader, a server-side solution aimed at mid-sized corporations,…
Read More »