151 matches found
Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability
The Federal Bureau of Investigation FBI, CISA, and Coast Guard Cyber Command CGCYBER have updated the Joint Cybersecurity Advisory CSA published on September 16, 2021, which details the active exploitation of an authentication bypass vulnerability CVE-2021-40539 in Zoho ManageEngine ADSelfService...
Microsoft Digital Defense Report shares new insights on nation-state attacks
Microsoft is proud to promote Cybersecurity Awareness Month as part of our ongoing commitment to security for all. Year-round, Microsoft tracks nation-state threat activities to help protect organizations and individuals from these advanced persistent actors. We’re constantly improving our...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2021-88197)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...
Polazert Trojan using poisoned Google Search results to spread
Trojan.Polazert aka SolarMarker has gone back and fine-tuned an old tactic known as SEO-poisoning to plant their Remote Access Trojan RAT on as many systems as possible. This RAT runs in memory and is used by attackers to install additional malware on affected systems. Trojan.Polazert...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2021-40756)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...
Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware
Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...
IBM QRadar SIEM Cross-Site Vulnerability
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A cross-site...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2021-34726)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...
CVE-2021-26419
Scripting Engine Memory Corruption Vulnerability Recent assessments: architect00 at May 14, 2021 10:33am UTC reported: Details The vulnerability affects Internet Explorer 11 on all Windows Versions. It is located in the jscript9.dll library, which is used to execute javascript. Possible attack...
IBM QRadar SIEM Arbitrary Command Execution Vulnerability
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...
2021: Volumetric DDoS Attacks Rising Fast
In our 2020 DDoS retrospective, we highlighted the twists and turns of a very, very active threat landscape. As a quick refresher, we mitigated some of the largest attacks ever seen 1.44 Tbps and 809 Mpps; saw more attacks on customers across more diverse industries than ever before; and observed...
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...
IBM QRadar SIEM Denial of Service Vulnerability (CNVD-2021-10821)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A denial of servic...
IBM Security Identity Governance and Intelligence Security Breach
IBM Security Identity Governance and Intelligence IGI is a suite of identity governance solutions from IBM in the United States. The product includes features such as lifecycle management, access risk assessment, and identity management. A security vulnerability exists in IBM Security Identity...
IBM QRadar SIEM Directory Traversal Vulnerability (CNVD-2021-10826)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A directory...
IBM QRadar SIEM Server-Side Request Forgery Vulnerability (CNVD-2021-10824)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A server-side...
Envira Gallery Lite 1.8.3.2 Cross Site Scripting
==== Tempest Security Intelligence - ADV-12/2020 ============================= Envira Gallery - Lite Edition - Version 1.8.3.2 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents ================================================ • Overview •...
Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors
Microsoft is warning that an Iranian nation-state actor is now actively exploiting the Zerologon vulnerability CVE-2020-1472, adding fuel to the fire as the severe flaw continues to plague businesses. The advanced persistent threat APT actor, which Microsoft calls MERCURY also known as MuddyWater...
IBM Security Identity Governance and Intelligence Input Validation Error Vulnerability
IBM Security Identity Governance and Intelligence IGI is a suite of identity governance solutions from IBM in the United States. The product includes features such as lifecycle management, access risk assessment and identity management. An input validation error vulnerability exists in IBM Securi...