Zyxel Threat Intelligence (Release Date: 2022-04-01)
ZyWALL's latest virus/malware signature update protects you against more malware and threats. See how ZyWALL defends against these threats.
Part 1 – Virus/Malware Spotlight
Part 2 – Intrusion Detection Highlight
Part 3 – Application Patrol Highlight
This article focuses on Potentially Unwanted Applications (PUA). Parts 2 and 3, covering the Intrusion Detection and Application Patrol updates, will be included in the April Monthly Threat Report. You can find more details, history, and signature information in the Zyxel Encyclopedia.
(Number of updated Virus/Malware signatures: 4,270)
Zyxel keeps malware detection up to date. Currently, Zyxel detects and removes threats including Gen.Variant.Application.RelevantKnowledge and Trojan.CryptoLocker.
This is a Potentially Unwanted Application. It can affect the performance of your computing experience. We have seen it lead to potentially unwanted behaviors on your PCs. This application is usually installed on PCs in the United States, China, the United Kingdom, France, and Spain.
What is PUA?
A Potentially Unwanted Application (PUA) is a type of software that can cause your machine to perform slowly, display unexpected ads, or at worst install other unexpected or unwanted software. A PUA is not a virus, malware, or any other type of threat, but it may perform actions on endpoints that adversely affect endpoint performance or usage. As assessed by Microsoft Defender Advanced Threat Protection, the term PUA can also refer to an application with a bad reputation due to some bad behavior.
How it Affects
Name: Trojan.CryptoLocker
The CryptoLocker attack is a Trojan horse that infects your computer and then encrypts files, including those on USB memory sticks or hard drives. It is propagated through emails with unknown attachments. Once the attachment is opened, the downloader is activated and the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography. CryptoLocker can cause serious damage to personal and business computers. Victims may receive a payment request for decrypting the data. However, there is no guarantee that payment will release the encrypted content.
(Cover Total: 5523/Updated: 13)
Base Score: 7.2 high
SolarWinds Network Configuration Manager Vulnerability Settings Arbitrary File Write
This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902. (Source: NIST)
Base Score: 7.2 high
Nagios XI mibs Command Injection
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user. (Source: NIST)
(Added Application: 3/ All Application: 3872)