September 2021 Archives

PoC Released For New VMware vCenter Vulnerability

On the tail of VMware disclosing that its vCenter Server is affected by an arbitrary file upload vulnerability,…

September 29, 2021 16:24 GMT

Netgear Warns Certain Routers Impacted by Remote Code Execution Vulnerability

Netgear recommends urgent firmware upgrades for impacted routers. Background On September 20, Netgear informed its customers about CVE-2021-40847, which…

September 23, 2021 19:35 GMT

Microsoft’s September 2021 Patch Tuesday closes OMIGOD vulnerability which allows RCE on Azure Linux VMs

Reportedly simple to execute, the attack targets a vulnerability in Open Management Infrastructure (OMI) software preloaded on all…

September 17, 2021 15:35 GMT

What is SASE? SASE Explained.

Following security into the cloud, SASE acknowledges a much needed structure for granular networking that allows finer control of cloud service access. Let's take a look at what exactly the newly coined term means and how it's being implemented across the industry.

September 16, 2021 15:21 GMT

FORCEDENTRY zero-click exploit used on Apple iOS, MacOS, and WatchOS devices

Apple’s updates to its operating systems this week contain a patch for a serious vulnerability that allowed a…

September 15, 2021 16:04 GMT

Attackers Exploit Microsoft Windows Remote Code Execution Vulnerability In The Wild

No patch is currently available, but an official mitigation has been released. Background Microsoft has released an advisory for…

September 10, 2021 02:22 GMT

Palo Alto Patches a Series of Vulnerabilities Impacting PAN-OS and Cortex XSOAR Platforms

Palo Alto has released patches for 5 high-severity vulnerabilities, including four impacting PAN-OS and one impacting Cortex XSOAR.…

September 9, 2021 19:01 GMT

Critical Remote Code Execution Vulnerability Impacts On-Premises Confluence Environments

Atlassian recommends upgrading immediately, as POC code is available and researchers have detected active exploitation in the wild.…

September 3, 2021 21:47 GMT

ProxyToken Exchange Vulnerability Allows Attacker To Intercept Others’ Emails

Microsoft has patched ProxyToken, the most recent in a string of serious Exchange server vulnerabilities. It’s recommended that on-prem…

September 2, 2021 23:58 GMT

Phishing Monitoring

Phishing is the malicious tactic of sending fraudulent emails to trick recipients into revealing sensitive information, making payments,…

September 1, 2021 15:30 GMT

Hand-Picked Top-Read Stories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

What Happened To The Internet Archive?

Trending Tags

Month: September 2021

PoC Released For New VMware vCenter Vulnerability

Netgear Warns Certain Routers Impacted by Remote Code Execution Vulnerability

Microsoft’s September 2021 Patch Tuesday closes OMIGOD vulnerability which allows RCE on Azure Linux VMs

FORCEDENTRY zero-click exploit used on Apple iOS, MacOS, and WatchOS devices

Attackers Exploit Microsoft Windows Remote Code Execution Vulnerability In The Wild

Palo Alto Patches a Series of Vulnerabilities Impacting PAN-OS and Cortex XSOAR Platforms

Critical Remote Code Execution Vulnerability Impacts On-Premises Confluence Environments

ProxyToken Exchange Vulnerability Allows Attacker To Intercept Others’ Emails

Phishing Monitoring

Threat Advisories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More.

Weekly Top 10: 11.04.2024: Android Malware ‘FakeCall’ Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More.

Weekly Top 10: 10.28.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware