Tag: Vulnerability

Critical Unauthorized Remote Code Execution in VMware vCenter (CVE-2021-21972)

On February 23, 2021, VMware addressed a critical unauthorized remote code execution (RCE) bug (CVE-2021-21972) in its default vCenter Server plugin. Right after the announcement and the advisory release, threat actors started mass scans for publicly exposed instances. To date, researchers have detected 6700 VMware vCenter servers exposed to the attacks. As far as public […]

Microsoft Addressed a 12-Years-Old Privilege Escalation Vulnerability in Windows Defender

In February 2021, Microsoft patched a privilege escalation bug in Microsoft Defender Antivirus (formerly Windows Defender) that might provide threat actors with the ability to gain admin rights on the vulnerable host and disable pre-installed security products. SentinelOne experts, who revealed the issue, report that the flaw was introduced back in 2009 and stayed undisclosed […]

Heap Buffer Overflow in Sudo (CVE-2021-3156) Enables Privilege Escalation on Linux OS

A recently disclosed security issue in Sudo provides unauthenticated hackers with the ability to escalate their privileges to root on any Linux device. The flaw was introduced back in 2011 and remained undetected for nearly a decade. Linux Sudo Vulnerability Description Sudo is a standard service for system administrators, which is ubiquitously applied across the majority […]

Unpatched NTFS Zero-Day in Windows 10 Damages Hard Drive with a Single File View

Information security analyst Jonas L has discovered an alarming bug in Windows 10 that might corrupt any hard drive (HD) formatted with NTFS. The zero-day flaw remains unpatched even though the researcher has been pointing it out since autumn 2020. NTFS Vulnerability Analysis The NTFS zero-day vulnerability exists in Windows 10 build 1803, […]

CVE-2020-29583: Secret Backdoor Vulnerability in Zyxel Products

Threat actors are exploiting a recently discovered Zyxel secret backdoor in the wild. It’s high time to patch, since adversaries are actively searching for vulnerable installations to gain momentum before updates are installed. CVE-2020-29583 Overview The bug exists because a number of Zyxel products incorporate an undocumented root account with hardcoded login details accessible in the […]

Zoho ManageEngine ServiceDesk Plus Vulnerability Detection and Mitigation

Zoho ManageEngine ServiceDesk Plus Exploit Detection Security researchers warn that hackers continue to exploit a Zoho ManageEngine ServiceDesk Plus (SDP) vulnerability in the wild. Despite the patch released in Q1 2019, many instances remain vulnerable, allowing adversaries to deploy web shell malware and compromise targeted networks. CVE-2019-8394 Analysis The vulnerability (CVE-2019-8394) was disclosed on February 18, […]

CVE-2020-14882

In late October 2020, the cybersecurity community spotted malicious activity targeting Oracle WebLogic servers. This activity took the form of recurring exploitation of an RCE weakness in the Oracle WebLogic server console component, tracked as CVE-2020-14882. This CVE was rated critical, with a CVSS score of 9.8. CVE-2020-14882 Overview […]

Cloud Security Challenges for Enterprise

Cloud services are an irreplaceable part of modern enterprise infrastructure: over 70% of the world’s organizations fully or partially operate on the cloud, as reported by the Cloud Security Alliance. Cloud service providers also provide extra security measures, such as automated threat detection. But according to statistics, up to 90% of all cybersecurity professionals are now […]

Proactive detection content: CVE-2019-0708 vs ATT&CK, Sigma, Elastic and ArcSight

I think most of the security community has agreed that the CVE-2019-0708 vulnerability is of critical priority to deal with. And while saying “patch your stuff!” feels like the first thing that one should think of, the memories of WannaCry and NotPetya are still fresh in my mind. We know that patching ain’t gonna happen at […]
