Technical Advisory: OS Command Injection in Silver Peak EdgeConnect Appliances (CVE-2020-12148, CVE-2020-12149)
Vendor: Silver Peak
Vendor URL: https://www.silver-peak.com
Versions affected: All EdgeConnect OS versions prior to 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.
Systems Affected: Unity EdgeConnect Appliance & Orchestrator
CVE Identifier: CVE-2020-12148 (nslookup API),...
US-CERT Reports 17,447 Vulnerabilities Recorded in 2020
This marks the fourth year in a row that a record number of vulnerabilities has been discovered, following 17,306 in 2019.The US-CERT Vulnerability Database has confirmed 17,447 vulnerabilities were...
Attackers Leverage IMAP to Infiltrate Email Accounts
Researchers believe cybercriminals are using a tool dubbed Email Appender to directly connect with compromised email accounts via IMAP.A newly detected wave of spam emails is bypassing transport layers...
Russian hacks weigh on private equity’s software investments
Some of the world’s biggest private equity firms, including Blackstone Group Inc, Silver Lake Partners LP, and Thoma Bravo LP, own major stakes in the software firms whose shares...
The SolarWinds Perfect Storm: Default Password, Access Sales and More
Meanwhile, FireEye has found a kill switch, and Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.
UPDATE
A perfect storm may have...
Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor
In the past few months researchers have detected hundreds of attempted SystemBC deployments globally, as part of recent Ryuk and Egregor ransomware attacks.
Commodity malware backdoor SystemBC has evolved to...
New Evidence Suggests SolarWinds’ Codebase Was Hacked to Inject Backdoor
By: Ravie Lakshmanan
The investigation into how the attackers managed to compromise SolarWinds' internal network and poison the company's software updates is still underway, but we may be one step...
The crucial role of cybersecurity in the COVID-19 vaccine distribution
With more than 73 million coronavirus cases worldwide, the COVID-19 vaccines offer potential relief. Yet, as many organizations are getting involved in their distribution worldwide, the attack surface for...
