Microsoft fixes Windows zero-day bug exploited to push malware
Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files
Read More...
Citrix urges admins to patch critical ADC, Gateway auth bypass
Citrix is urging customers to install security updates for a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway.
Read More...
Emotet botnet is blasting malware again after 5 month’s break
The Emotet malware operation is again spamming malicious emails after almost a five-month "vacation"Â
Read More...
Fortinet Patches 6 High-Severity Vulnerabilities
Fortinet on Tuesday informed customers about 16 vulnerabilities discovered in the company's products, including six flaws that have been assigned a "high" severity rating
Read More...
Critical RCE Vulnerability Reported in ConnectWise Server Backup Solution
ConnectWise's advisory notes that the flaw affects Recover v2.9.7 and earlier, and R1Soft SBM v6.16.3 and earlier are impacted by the critical flaw
Read More...
OpenSSL fixes two high severity vulnerabilities, what you need to know
CVE-2022-3602 is an arbitrary 4-byte stack buffer overflow that could trigger crashes or lead to remote code execution (RCE)
Read More...Text4Shell, a remote code execution bug in Apache Commons Text library
Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library
Read More...
Microsoft data breach exposes customers’ contact info, emails
Threat actors who accessed the bucket may use this information in different forms for extortion, blackmailing, creating social engineering tactics with the help of exposed information, or simply selling the information to the highest bidder on the dark web and Telegram channels
Read More...
Tear in Microsoft Azure Service Fabric can give attackers full admin privileges
The size of the threat depends on the number of clusters set up within user organizations and if those have non-admin users that use the CreateComposeApplication role to create applications and the vulnerable SFXv1
Read More...
Experts Warn of Stealthy PowerShell Backdoor Disguising as Windows Update
Some notable commands issued include exfiltrating the list of running processes, enumerating files in specific folders, launching whoami, and deleting files under the public user folders
Read More...