Browsing Tag
zero-day
17 posts
Weekly Top Ten Cybersecurity Stories – 9.30.2022
Microsoft Exchange Zero-Day CVE-2022-41040 and CVE-2022-41082, Malicious vSphere Installers, Okta subsidiary discloses code repo breach, Powerpoint phishing to deploy Graphite Malware
September 30, 2022 17:25 GMT
Weekly Top Ten Cybersecurity Stories – 6.24.2022
Old Apple Safari vulnerability actively exploited, Cisco Routers patching end-of-life, MEGA cloud storage credential theft, Azure AFD phishing attacks
June 24, 2022 12:59 GMT
Weekly Top Ten Cybersecurity Stories – 6.17.2022
Atlassian vulns deploy ransomware, HelloXD ransomware, JFrog RCE, Fatal flaw in Office365, Follina patch released
June 17, 2022 12:55 GMT
Weekly Top Ten Cybersecurity Stories – 6.10.2022
DogWalk MSDT Zero-Day, QBOt exploits Follina vuln, Symbiote malware for Linux, Mandiant condemns Evil Corp
June 10, 2022 13:01 GMT
Follina Zero-Day Allows Zero-Click RCE From Office Docs
JUNE 2, 2022 19:09 GMT Microsoft Office docs are the primary vector for an actively exploited zero-day vulnerability…
June 2, 2022 15:45 GMT
Wormable RPC Vulnerability Among Several Fixed In April Patch Tuesday
APRIL 14, 2022 20:32 GMT Microsoft’s Patch Tuesday for April includes a notably high volume of critical fixes.…
April 14, 2022 18:31 GMT
Spring4Shell Zero-Day RCE Affects VMWare’s Java Application Framework
A zero-day RCE vulnerability (CVE-2022-22965) affecting VMWare's Spring Java Framework has had PoC exploit code prematurely released.
March 31, 2022 23:27 GMT
Log4j New Year Wrap-Up
One month into the Log4j vulnerability, we take a look at the 3 CVEs and their fixes, known exploits being observed in the wild, and a way forward in dealing with the ubiquitous and targeted Java library.
January 7, 2022 01:15 GMT
Log4j/Log4Shell Updates and Recommended Guidance
Updates and recommended guidance for identifying vulnerable servers and mitigating exploit attempts.
December 13, 2021 20:18 GMT
Apache Log4j Zero-Day Exposes Java Applications to RCE
A high-severity zero-day has been uncovered in Apache Log4j which could allow a log injection RCE exploit.
December 10, 2021 18:45 GMT