Ransomware actors attempt to stay at the forefront of the malicious trends in their strive for bigger profits. Recently, security researchers spotted a new threat actor leveraging a critical vulnerability in Atlassian Confluence (CVE-2021-26084) to proceed with ransomware infections. Dubbed Atom Silo, the gang relies on CVE-2021-26084 alongside several novel evasion techniques to fly under […]
On September 24, 2021, CISA issued an alert warning about multiple exploitation attempts for Š° critical vulnerability (CVE-2021-22005) in VMware vCenter Server. A heavy number of scans for the vulnerable servers broke forth after the Vietnamese security researcher Jang published an incomplete exploit for CVE-2021-2205. Jangās technical notes were enough for experienced hackers to produce […]
Thousands of Microsoft Exchange servers remain vulnerable to ProxyShell remote code execution vulnerabilities despite the patches issued in April-May. To make things even worse, security researchers are observing a significant spike in scans for vulnerable Exchange servers, after the technical overview of the ProxyShell attack was revealed at the Black Hat conference on August 4-5, […]
Ivanti has addressed a critical security hole (CVE-2021-22937) that affects its Pulse Connect Secure VPNs. The flaw is a bypass of the patch issued in October last year to mitigate the CVE-2020-8260, a notorious bug that allows malicious admins to execute arbitrary code remotely with root privileges. CVE-2021-22937 Description According to the in-depth inquiry by […]
July 2021 proceeds to be a really hot and tough month in terms of the loud cybersecurity events. While the world of cyber is still recovering from PrintNighmare vulnerability (CVE-2021-1675), Kaseya supply chain attack, and SolarWinds Serv-U zero-day (CVE-2021-35211), Windows has officially announced a new notorious flaw within its products. A recently disclosed HiveNightmare (aka […]
AĀ critical zero-day bug (CVE-2021-35211), existing in SolarWinds Serv-U Managed File Transfer Server and Serv-U Secured FTP products, has been repeatedly exploited in the wild by a China-baked hacker collective, Microsoft reveals. The flaw provides threat actors with the ability to execute arbitrary code remotely and reach the full system compromise. CVE-2021-35211 Description According to […]
A notorious remote code execution (RCE) bug in Windows Print Spooler allows attackers to achieve full system compromise on the unpatched instances. The vulnerability, dubbed PrintNightmare (CVE-2021-1675), was initially rated as a low-severity issue that enables privilege escalation to admin on the targeted hosts. However, after deep-dive research by experts who discovered the potential for […]
Microsoft has recently fixed a highly critical bug (CVE-2021-31166), which enables remote code execution with kernel rights on the machines running Windows 10 and Windows Server. The vendor warns that this flaw is wormable and could self-propagate across multiple servers inside the organizational network to cause maximum harm. The Proof of Concept (PoC) exploit has […]
Yet another time security practitioners should brace themselves and check their coffee supplies due to a set of recently identified vulnerabilities in the Wi-Fi standard. Collectively called FragAttacks, these flaws affect nearly all wireless-enabled devices and allow adversaries to take control over the vulnerable systems to intercept secret information. Mathy Vanhoef, a security expert who […]
Dell computers worldwide are potentially vulnerable to attacks due to high-severity flaws introduced back in 2009. According to experts, a set of five issues tracked together as CVE-2021-21551 affects Dell DBUtil driver and allows adversaries to gain kernel-mode privileges on the affected machines. Although CVE-2021-21551 has been present in the driver for more than a […]