RF Wave

#HPE has released software updates to address critical vulnerabilities in its Instant AOS-8 and AOS-10 software for Aruba access points The vulnerabilities are tracked as CVE-2024-42509 and CVE-2024-47460, and when exploited, allows an attacker to remotely execute code Administrators are advised to patch ASAP #cybersecurity #vulnerabilitymanagement https://lnkd.in/eFn8jbba

#Cisco has released software updates to address a critical vulnerability in its Ultra-Reliable Wireless Backhaul access points The vulnerability is tracked as CVE-2024-20418, and when exploited, allows an attacker to run commands with full privileges Administrators are advised to patch ASAP #cybersecurity #vulnerabilitymanagement https://lnkd.in/dgaSa4A6

#Google has released November software updates for #Android The updates address 51 vulnerabilities, including 2 zero-days that are known to be actively exploited Users are advised to patch ASAP #cybersecurity #vulnerabilitymanagement https://lnkd.in/e99ZfmAi

Attackers are abusing DocuSign to create and distribute fake invoices The attackers are impersonating well-known brands such as PayPal. Because DocuSign is a legitimate service, it bypasses email security protections. Once user e-signs the document, the attackers can request payment. Users are advised to be vigilant of e-signature requests from unknown parties, and to verify legitimacy #cybersecurity #threatintel https://lnkd.in/g4VRFdcD

The City of Columbus, Ohio has revealed they were a victim of a #ransomware attack The attack happened in July 2024, and resulted in outages in some services. The Rhysida ransomware group claimed responsibility, and leaked stolen data on its website. The City has notified 500,000 people of the breach and offered credit monitoring and identity restoration services #cybersecurity https://lnkd.in/ektSBeyb

Housing Authority of the City of Los Angeles has revealed they were a victim of a #cyberattack The organization has not revealed the nature of the attack, nor when the attack was detected and if any sensitive data was stolen. However, the Cactus ransomware group has claimed responsibility for the attack. The organization has engaged external cybersecurity experts to investigate and respond #cybersecurity #USA https://lnkd.in/gzyaHd5T

#Synology has released software updates to address two critical #zeroday vulnerabilities The vulnerabilities are tracked as CVE-2024-10443, and when exploited, allows an attacker to remotely execute code Administrators are advised to patch ASAP #cybersecurity #vulnerabilitymanagement https://lnkd.in/dww4W9Ax

#LiteSpeed has released software updates to address a vulnerability in its Cache plugin for #WordPress The vulnerability is tracked as CVE-2024-50550, and when exploited, allows an attacker to gain admin privileges to the site Administrators are advised to patch ASAP #cybersecurity #vulnerabilitymanagement https://lnkd.in/eUx-mNQ5

#qBittorrent has released software updates to address a critical vulnerability The vulnerability does not have a CVE assigned. When the vulnerability is exploited, allows an attacker to remotely execute code. Users are advised to patch ASAP #cybersecurity #vulnerabilitymanagement https://lnkd.in/g6Y3aCMy

#QNAP has released software updates to fix a #zeroday vulnerability in its NAS software The vulnerability is tracked as CVE-2024-50388, and when exploited, allows an attacker to remotely execute code Administrators are advised to patch ASAP #cybersecurity #vulnerabilitymanagement https://lnkd.in/dCGPQuUv