Network Management | Breaking Cybersecurity News | The Hacker News

As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management (RMM) tools for system administration.  However, like any new technology, RMM tools can also be used maliciously. Threat actors can establish connections to a victim's device and run commands, exfiltrate data, and stay undetected.  This article will cover real-world examples of RMM exploits and show you how to protect your organization from these attacks.  What are RMM tools?  RMM software simplifies network management, allowing IT professionals to remotely solve problems, install software, and upload or download files to or from devices.  Unfortunately, this connection is not always secure, and attackers can use malicious software to connect their servers to a victim's device. As these connections become easier to detect, however,  ransomware-as-a-service (RaaS) groups have had to adjus...

F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier  CVE-2023-46747 , and carries a CVSS score of 9.8 out of a maximum of 10. "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands," F5  said  in an advisory released Thursday. "There is no data plane exposure; this is a control plane issue only." The following versions of BIG-IP have been found to be vulnerable - 17.1.0 (Fixed in 17.1.0.3 + Hotfix-BIGIP-17.1.0.3.0.75.4-ENG) 16.1.0 - 16.1.4 (Fixed in 16.1.4.1 + Hotfix-BIGIP-16.1.4.1.0.50.5-ENG) 15.1.0 - 15.1.10 (Fixed in 15.1.10.2 + Hotfix-BIGIP-15.1.10.2.0.44.2-ENG) 14.1.0 - 14.1.5 (Fixed in 14.1.5.6 + Hotfix-BIGIP-14.1.5.6.0.10.6-ENG) 13.1.0 - ...

Technical details have been disclosed regarding a number of security vulnerabilities affecting Moxa's MXview web-based network management system, some of which could be chained by an unauthenticated adversary to achieve remote code execution on unpatched servers. The five security weaknesses "could allow a remote, unauthenticated attacker to execute code on the hosting machine with the highest privileges available: NT AUTHORITY\SYSTEM," Claroty security researcher Noam Moshe  said  in a report published this week. Moxa  MXview  is designed for configuring, monitoring, and diagnosing networking devices in industrial networks. The flaws, which affect versions 3.x to 3.2.2 of the network management software, were rectified in  version 3.2.4 or higher  following a coordinated disclosure process in October 2021. "Successful exploitation of these vulnerabilities may allow an attacker to create or overwrite critical files to execute code, gain access to the p...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...