Geek-Guy.com

Category: Network Security, Remote Access Security, Security, Vulnerabilities

BeyondTrust fixes critical RCE flaw in remote access tools

Companies using self-hosted versions of BeyondTrust Remote Support (RS) or Privileged Remote Access (PRA) should deploy patches for a critical vulnerability that allows attackers to execute OS commands without authentication. “Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption,” BeyondTrust said in…

Gladinet file-sharing servers allow remote code execution

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its CentreStack and Triofox platforms. Cybersecurity firm Huntress warned that attackers are already abusing the hardcoded keys to perform remote code execution (RCE) on the affected servers. “The AES…