Feds Hit with Successful Cyberattack, Data Stolen
The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit.
Read More
Exploit
Windows Exploit Released For Microsoft ‘Zerologon’ Flaw
Security researchers and U.S. government authorities alike are urging admins to address Microsoft’s critical privilege escalation flaw.
Read MoreFeds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs
Monday’s CISA advisory is a staunch reminder for federal government and private sector entities to apply patches for flaws in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange servers.
Read MoreCisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers
Multiple flaws in system software that causes errors in packet handling could allow an attacker to consume memory and crash devices.
Read MoreGoogle Fixes High-Severity Chrome Browser Code Execution Bug
The high-severity flaw, which was patched in the latest version of Google’s Chrome browser, could allow code execution.
Read MoreIBM AI-Powered Data Management Software Subject to Simple Exploit
A low-privileged process on a vulnerable machine could allow data harvesting and DoS.
Read MoreResearcher Publishes Bypass for Patch for vBulletin 0-Day Flaw
Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug.
Read MoreResearcher Publishes Bypass for Patch for vBulletin 0-Day Flaw
Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug.
Read MoreBlack Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office Macros
At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft’s malicious macros protections to infect MacOS users.
Read More