RCE Vulnerability found in Cisco Small Business RV Series routers
Mar 22, 2022
On April 7th, Cisco released a security advisory announcing the discovery of a vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers that could allow for an unauthenticated, remote attacker to execute arbitrary and potentially malicious code on affected devices.
This vulnerability is being caused by improper validation of user-supplied input in the web-based management interface. A malicious threat actor could exploit this vulnerability by sending specially designed HTTP requests to a targeted device. A successful exploit would allow the attacker to execute arbitrary code as the root user on the underlying operating system of the affected device.
At this time, Cisco has not released software updates that will address this vulnerability. There are also no known workarounds that address this vulnerability.
For Small Banks, Cyberattacks Carry Long-Term Consequences
Mar 18, 2022
Read on to learn more about how cyberattacks against small banks carry long-term consequences.
FBI and CISA Release Bulletin Citing Hackers’ On-Going Efforts to Exploit Fortinet Vulnerabilities
Feb 10, 2022
On Friday, April 2nd, the United States Federal Bureau of Investigation (FBI) and Homeland Security Department’s Cybersecurity and Infrastructure Security Agency (CISA) released a joint bulletin titled APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks announcing that they had observed advanced persistent threat (APT) actors scanning devices and seeking to exploit vulnerabilities in Fortinet’s FortiOS.
