Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks
The networking giant has rolled out patches for remote code-execution and command-injection security holes that could give attackers keys to the kingdom.
Cisco has addressed two critical security vulnerabilities in...
Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw
The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario.
Threat actors are using public exploits to pummel a critical zero-day...
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
Microsoft’s regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall.
Included in the slew...
NSA Warns: Patched VMware Bug Under Active Attack
Feds are warning that adversaries are exploiting a weeks-old bug in VMware’s Workspace One Access and VMware Identity Manager products.
Active attacks against a flaw in VMware’s Workspace One...
Critical Magento Holes Open Online Shops to Code Execution
Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database.
Two critical flaws in Magento –...
Cloud Attacks Are Bypassing MFA, Feds Warn
CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted.
The Feds are warning that cybercriminals are bypassing multi-factor authentication (MFA) and...
Google Emergency Update Fixes Two Chrome Zero Days
This is the second pair of zero days that Google’s fixed this month, all four of which have been actively exploited in the wild.
Google has pushed out an...
Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582)
Vendor: Apple
Vendor URL: https://www.apple.com/
Systems Affected: macOS Monterey before 12.3, macOS Big Sur before 11.6.5 and macOS 10.15 Catalina before Security Update 2022-003
Author: Richard Warren
Advisory URLs: https://support.apple.com/en-us/HT213183, https://support.apple.com/en-us/HT213185, https://support.apple.com/en-gw/HT213185
CVE...
Widespread Scans Underway for RCE Bugs in WordPress Websites
WordPress websites using buggy Epsilon Framework themes are being hunted by hackers.
Millions of malicious scans are rolling across the internet, looking for known vulnerabilities in the Epsilon Framework for...
Hunting for exploits by looking for the author’s fingerprints
Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints
Research by: Itay Cohen, Eyal Itkin
In the past months, our Vulnerability and Malware Research teams joined efforts...