Technical Advisory – Multiple Vulnerabilities in Trendnet TEW-831DR WiFi Router (CVE-2022-30325, CVE-2022-30326, CVE-2022-30327, CVE-2022-30328,...
The Trendnet TEW-831DR WiFi Router was found to have multiple vulnerabilities exposing the owners of the router to potential intrusion of their local WiFi network and possible takeover of...
VMware Issues Updated Fix For Critical ESXi Flaw
A previous fix for the critical remote code execution bug was “incomplete,” according to VMware.
VMware issued an updated fix for a critical-severity remote code execution flaw in its ESXi...
Cyberattackers Target UPS Backup Power Devices in Mission-Critical Environments
The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more.
Cyberattackers are targeting uninterruptible power supply (UPS) devices, which provide battery backup power during power surges...
Raft of Exim Security Holes Allow Linux Mail Server Takeovers
Remote code execution, privilege escalation to root and lateral movement through a victim’s environment are all on offer for the unpatched or unaware.
A veritable cornucopia of security vulnerabilities in...
Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems
While Microsoft patched the bug known as CVE-2020-0796 back in March, more than one 100,000 Windows systems are still vulnerable.
More than 100,000 Windows systems have not yet been...
The Internet’s Most Tempting Targets
What attracts the attackers? David “moose” Wolpoff, CTO at Randori, discusses how to evaluate your infrastructure for juicy targets.
The number of exposed assets keeps climbing, but existing security strategies...
HPE Fixes Critical Zero-Day in Server Management Software
The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary.
Hewlett Packard Enterprise (HPE) has fixed a critical zero-day...
Millions of Java Apps Remain Vulnerable to Log4Shell
Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found.
Four months after...
Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees
The Phosphorous APT has launched successful attacks against world leaders who are attending the Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia, Microsoft warns.
Microsoft said...
Back-to-Back PlayStation 5 Hacks Hit on the Same Day
Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices.
A pair of PlayStation 5 breaches shows the consoles don’t have protection from attackers taking...