Here are the top 5 trending cyber threats in the news last week:
- Cisco fixes hard-coded credentials and default SSH key issues
- CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution
- Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild
- Philips healthcare infomatics solution vulnerable to SQL injection
- Popular 'coa' NPM library hijacked to steal user passwords
Every day, thousands of cyber threats are reported in the news! But going through them each day to identify how critical they are and if they impact your organization takes time and resources no one has.
That’s why we built the Fletch Trending Threats app.
In minutes, connect your endpoint and vulnerability data. Then Fletch’s natural language engine goes to work for you! Sifting through thousands of threat articles DAILY to:
- Report on the threats most talked about across the cyber security community
- Generate a criticality score based on those having the greatest impact
- Inform you if your organization is impacted by any of these threats and what to do next
It’s like reading the news in the context of your own company...all delivered right to your inbox 📩
Say goodbye to the endless busy work and get Fletch today, starting at zero cost.
Want to see Fletch live in action?
Watch this walkthrough with cybersecurity experts Jim Manico, Darien Kindlund, and our founder and CEO Grant Wernick.
In the meantime, if you have any questions, simply email us at info@fletch.ai.
Below learn more about the top trending cyber threats in the news last week.
Cisco fixes hard-coded credentials and default SSH key issues
"A vulnerability in the Telnet service of Cisco Catalyst PON Series Switches ONT could allow an unauthenticated, remote attacker to log in to the affected device by using a debugging account that has a default, static password," the company explains in an advisory published yesterday. ... Cisco has released security updates to address critical security flaws allowing unauthenticated attackers to log in using hard-coded credentials or default SSH keys to take over unpatched devices.
CVEs: CVE-2021-34795, CVE-2021-40119
CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution
SentinelLabs has discovered a heap overflow vulnerability in the TIPC module of the Linux Kernel. ... The vulnerability can be exploited either locally or remotely within a network to gain kernel privileges, allowing an attacker to compromise the entire system.
CVEs: CVE-2021-43267
Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild
A now-patched critical remote code execution (RCE) vulnerability in GitLab's web interface has been detected as actively exploited in the wild, cybersecurity researchers warn, rendering a large number of internet-facing GitLab instances susceptible to attacks. ... Despite the public availability of the patches for more than six months, of the 60,000 internet-facing GitLab installations, only 21% of the instances are said to be fully patched against the issue, with another 50% still vulnerable to RCE attacks.
CVEs: CVE-2021-22205
Philips healthcare infomatics solution vulnerable to SQL injection
The Tasy EMR product holds sensitive medical records, patient care histories, medical supply details, financial and billing info, and general hospital management data. ... The Philips Tasy EMR, used by hundreds of hospitals as a medical record solution and healthcare management system, is vulnerable to two critical SQL injection flaws.
CVEs: CVE-2021-39375, CVE-2021-39376
Popular 'coa' NPM library hijacked to steal user passwords
Popular npm library 'coa' was hijacked today with malicious code injected into it, ephemerally impacting React pipelines around the world. ... But, several suspicious versions 2.0.3, 2.0.4, 2.1.1, 2.1.3, and 3.1.3 began appearing on npm as of a few hours ago, breaking React packages that depend on 'coa'.
Malware: DanaBot