In a world where cyber threats are a constant challenge, the Gafgyt botnet malware stands out. This malware has found a weakness in a…
Zyxel
RCE vulnerability
Zyxel NAS Devices Have a Critical RCE Vulnerability; A Firmware Patch Has Been Released
Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices. Zyxel NAS Devices Have a Critical…
General
Business Networks Were Vulnerable To Misuse Because Of Zyxel Firewall Flaws
The severity of the code execution bug was reduced by the prior patch’s “high uptake.” Following the identification of two security flaws that exposed…
General
Zyxel releases patches for 4 Flaws
Zyxel has rolled out patches for four security flaws plaguing its firewall, AP Controller, and AP products. The flaw can be exploited to carry…
General
Zyxel rolls out patches for critical firewall OS command injection vulnerability
Zyxel has patched a serious flaw plaguing Zyxel firewall devices, which allows unauthenticated and remote attackers to execute code arbitrarily. “A command injection vulnerability…
Cybersecurity
Log4j vulnerability targets SolarWinds, ZyXEL devices
SolarWinds and ZyXEL devices are being attacked by cybercriminals who are searching for Log4jShell vulnerability aka log4j vulnerability. The devices are known to contain…
Cybersecurity
Zyxel firewall and AP controllers prey to secret backdoor
More than 100,000 Zyxel firewall gadgets are conceivably vulnerable against secret backdoor access brought about by hardcoded accreditations used to upgrade firewall and AP…
Malware
New Go-based Malware Targeting Windows and Linux Systems, Researchers Warn
In recent months, Chaos, a new, multi-functional Go-based virus, has seen a sharp increase in volume to capture a variety of Windows, Linux, SOHO…
General
Automate the binary vulnerability disclosure with Ghidra and Semgrep
The following tools can be used to automate processes involving vulnerability finding using static analysis methods: A straight forward Ghidra script named Rhabdomancer finds…
Cybersecurity
SSRF flaws created in multiple apps via Google Drive integration errors
Execution flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a mixture of applications, a security researcher has disclosed. This included…