OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A security flaw exists in OpenSSL software library that could lead to a denial-of-service DoS condition when parsing certificates. The vulnerability, identified as CVE-2022-0778, arises from parsing a malformed certificate...

ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies,...

Babuk Ransomware

ARCHIVED STORY Babuk Ransomware By Alexandre Mundo · February 23, 2021 Executive Summary Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises, with one already paying the criminals $85,000 after negotiations. As with other variants, this...

Parallels Remote Application Server 15.5 Path Traversal Vulnerability

Exploit for windows platform in category web applications Exploit Title: Parallels Remote Application Server RAS 15.5 Path Traversal Date: 22-02-2018 Exploit Author: Nicolas Markitanis - RUNESEC Reviewers: Simon Loizides and Marios Nicolaides - RUNESEC Vendor Homepage: https://www.parallels.com/...