System Hardening | Breaking Cybersecurity News | The Hacker News

Category — System Hardening
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Jun 18, 2025 Vulnerability / Data Protection
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," the company said in an advisory. CVE-2025-23121 impacts all earlier version 12 builds, including 12.3.1.1139. It has been addressed in version 12.3.2 (build 12.3.2.3617). Security researchers at CODE WHITE GmbH and watchTowr have been credited with discovering and reporting the vulnerability. Cybersecurity company Rapid7 noted that the update likely addresses concerns shared by CODE WHITE in late March 2025 that the patch put in place to plug a similar hole (CVE-2025-23120, CVSS score: 9.9) could be bypassed. Also addressed by Veeam is another flaw in the same product (CVE-2025...
Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models

Jun 05, 2024 Vulnerability / Data Security
Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating system (OS) commands and arbitrary code on affected installations. Impacted models include NAS326 running versions V5.21(AAZF.16)C0 and earlier, and NAS542 running versions V5.21(ABAG.13)C0 and earlier. The shortcomings have been resolved in versions V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively. A brief description of the flaws is as follows -
CVE-2024-29972 - A command injection vulnerability in the CGI program "remote_help-cgi" that could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request
CVE-2024-29973 - A command injection vulnerability in the 'setCookie' parameter that could allow a...
What is the Essential Eight (And Why Non-Aussies Should Care)

Jun 14, 2022
In 2017, the Australian Cyber Security Center (ACSC) published a set of mitigation strategies that were designed to help organizations protect themselves against cyber security incidents. These strategies, which became known as the Essential Eight, are designed specifically for use on Windows networks, although variations of these strategies are commonly applied to other platforms.
What is the Essential Eight?
The Essential Eight is essentially a cyber security framework that is made up of objectives and controls (with each objective including multiple controls). Initially, the Australian government only mandated that companies adhere to four of the security controls that were included in the first objective. Starting in June of 2022, however, all 98 non-corporate Commonwealth entities (NCCEs) are going to be required to comply with the entire framework.
Non-Australians take note
Although the Essential Eight is specific to Australia, organizations outsid...
Common Security Misconfigurations and Their Consequences

Dec 21, 2020
Everyone makes mistakes. That one sentence was drummed into me in my very first job in tech, and it has held true since then. In the cybersecurity world, misconfigurations can create exploitable issues that can haunt us later - so let's look at a few common security misconfigurations. The first one is development permissions that don't get changed when something goes live. For example, AWS S3 buckets are often assigned permissive access while development is going on. The issues arise when security reviews aren't carefully performed prior to pushing the code live, no matter if that push is for the initial launch of a platform or for updates. The result is straightforward: a bucket goes live with the ability for anyone to read and write to and from it. This particular misconfiguration is dangerous; since the application is working and the site is loading for users, there's no visible indication that something is wrong until a threat actor hunting for open buckets stum...