Browsing Tag
zero-day
17 posts
Weekly Top Ten Cybersecurity Stories – 9.30.2022
Microsoft Exchange Zero-Day CVE-2022-41040 and CVE-2022-41082, Malicious vSphere Installers, Okta subsidiary discloses code repo breach, Powerpoint phishing to deploy Graphite Malware
Weekly Top Ten Cybersecurity Stories – 6.24.2022
Old Apple Safari vulnerability actively exploited, Cisco Routers patching end-of-life, MEGA cloud storage credential theft, Azure AFD phishing attacks
Weekly Top Ten Cybersecurity Stories – 6.17.2022
Atlassian vulns deploy ransomware, HelloXD ransomware, JFrog RCE, Fatal flaw in Office365, Follina patch released
Weekly Top Ten Cybersecurity Stories – 6.10.2022
DogWalk MSDT Zero-Day, QBOt exploits Follina vuln, Symbiote malware for Linux, Mandiant condemns Evil Corp
Follina Zero-Day Allows Zero-Click RCE From Office Docs
JUNE 2, 2022 19:09 GMT Microsoft Office docs are the primary vector for an actively exploited zero-day vulnerability…
Wormable RPC Vulnerability Among Several Fixed In April Patch Tuesday
APRIL 14, 2022 20:32 GMT Microsoft’s Patch Tuesday for April includes a notably high volume of critical fixes.…
Spring4Shell Zero-Day RCE Affects VMWare’s Java Application Framework
A zero-day RCE vulnerability (CVE-2022-22965) affecting VMWare's Spring Java Framework has had PoC exploit code prematurely released.
Log4j New Year Wrap-Up
One month into the Log4j vulnerability, we take a look at the 3 CVEs and their fixes, known exploits being observed in the wild, and a way forward in dealing with the ubiquitous and targeted Java library.
Log4j/Log4Shell Updates and Recommended Guidance
Updates and recommended guidance for identifying vulnerable servers and mitigating exploit attempts.
Apache Log4j Zero-Day Exposes Java Applications to RCE
A high-severity zero-day has been uncovered in Apache Log4j which could allow a log injection RCE exploit.