Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover
CloudLinux’ security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug.
A high-severity security vulnerability in CloudLinux’s Imunify360 cybersecurity platform could lead to arbitrary code...
Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws
Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters.
Attackers are gnawing on the ProxyLogon and ProxyShell vulnerabilities in...
6M Sky Routers Left Exposed to Attack for Nearly 1.5 Years
Pen Test Partners didn’t disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm....
FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months
The bureau’s flash alert said an APT has been exploiting the flaw to compromise FatPipe router clustering and load balancer products to breach targets’ networks.
A threat actor has been...
Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns
Meanwhile, a Microsoft analysis that followed six Iranian threat actor groups for over a year found them increasingly sophisticated, adapting and thriving.
A state-backed Iranian threat actor has been using...
High-Severity Intel Processor Bug Exposes Encryption Keys
CVE-2021-0146, arising from a debugging functionality with excessive privileges, allows attackers to read encrypted files.
A security vulnerability in Intel chips opens the door for encrypted file access and espionage,...
Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix
Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
A partially unpatched security bug in Windows that could allow...
Technical Advisory – Multiple Vulnerabilities in Victure WR1200 WiFi Router (CVE-2021-43282, CVE-2021-43283, CVE-2021-43284)
Victure’s WR1200 WiFi router, also sometimes referred to as AC1200, was found to have multiple vulnerabilities exposing its owners to potential intrusion in their local WiFi network and complete...
Back-to-Back PlayStation 5 Hacks Hit on the Same Day
Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices.
A pair of PlayStation 5 breaches shows the consoles don’t have protection from attackers taking...
