Cerber targeting organizations with publicly available exploits
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Cerber, ransomware that mysteriously vanished in 2019, has reappeared with new encryption. The new Cerber includes fresh source code and makes use of the Crypto++ library, whereas the previous form made use of Windows...
Grafana releases an emergency patch for a Zero-Day vulnerability
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Grafana, a database analysis and monitoring tool used by major companies, has been affected by a high-severity zero-day...
BlackByte ransomware exploits Microsoft Servers ProxyShell Vulnerabilities
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. BlackByte ransomware is targeting organizations with unpatched ProxyShell vulnerabilities. ProxyShell was addressed by Hive Pro threat researchers in the previous advisory released on August 24. ProxyShell is a combination of...
Several Zoho ManageEngine products have been exploited
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been discovered in Zoho ManageEngine products. The affected products include Zoho ManageEngine ServiceDesk Plus, Zoho ManageEngine SupportCenter Plus, Zoho ManageEngine Desktop Central, Zoho...
Microsoft could not patch this vulnerability yet again
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. An improperly patched Windows vulnerability (CVE-2021-24084) can lead to local privilege escalation and information disclosure. The vulnerability was disclosed in October 2020 and even after Microsoft addressed this...
Have you updated your Zoom meeting?
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Two critical vulnerabilities have been found in Zoom products. These vulnerabilities were discovered by Natalie Silvanovich, a researcher from Google Project Zero. The first vulnerability, CVE-2021-34423, is a high-severity...
VMware patches SSRF and arbitrary file read vulnerabilities in vCenter Server
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. VMware has released fixes to address two security flaws in vCenter Server and Cloud Foundation, tracked as CVE-2021-21980 and CVE-2021-22049. The arbitrary file read vulnerability (CVE-2021-21980) is of major concern as an...
Microsoft could not patch this vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft released patches for 44 vulnerabilities on November 9th. CVE-2021-41379 was among them. However, installing this patch does not completely eliminate the vulnerability. An exploit for a new Windows zero-day local...
MuddyWater is taking advantage of old vulnerabilities
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom's National Cyber Security Centre (NCSC) have issued a joint...
Randori discovered Zero-day in Palo Alto’s GlobalProtect Firewall, affecting ~10,000 assets.
Outline: Palo Alto Networks (PAN) released an update on November 10, 2021, that patched CVE-2021-3064, which was discovered and disclosed by Randori. This vulnerability affects PAN firewalls that use the GlobalProtect Portal VPN, and it allows for unauthenticated remote code execution on susceptible...
A zero-day vulnerability has been discovered in PAN’s GlobalProtect firewall
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Palo Alto Networks (PAN) released an update on November 10, 2021, that patched CVE-2021-3064, which was discovered and disclosed by Randori. This vulnerability affects PAN firewalls that use the GlobalProtect Portal VPN, and ...
Microsoft’s Patch Tuesday Security Updates for November
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. For the month of November, Microsoft has reported a total of 55 vulnerabilities, 6 of which (CVE-2021-38666, CVE-2021-26443, CVE-2021-42279, CVE-2021-42298, CVE-2021-42316, CVE-2021-3711) have been rated critical. Four...
HelloKitty is launching a DDoS attack by exploiting known vulnerabilities
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The FBI has issued a warning to private businesses about a new feature of the HelloKitty ransomware group (aka FiveHands). The HelloKitty/FiveHands actor (UNC2447) employs the double extortion strategy to place undue pressure on...
Adobe Illustrator 2021 has several critical Vulnerabilities
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Adobe Illustrator 2021 has an update that addresses several important vulnerabilities that might result in memory leaks, arbitrary code execution, and application denial of service...
For the third month in a row, it’s time to update Google Chrome
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been discovered in the world's most popular browser. Two of them (CVE-2021-38000, CVE-2021-38003) have been exploited in the wild. Google has recently patched these vulnerabilities in Google Chrome versi...
BillQuick Web Suite’s severe vulnerability may affect 400K users
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Multiple versions of BillQuick Web Suite have been found to have a critical vulnerability. A hacker was able to gain initial access to a US engineering company by exploiting this serious vulnerability (CVE-2021-42258). It also...
Microsoft patches a vulnerability that was used in MysterySnail RAT Campaign
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT espionage campaign leveraged a zero-day exploit for Microsoft Windows to escalate privileges and obtain access to Windows servers. The exploit chain culminated in the installation of a newly discovered remote access...
Iranian APT is targeting Middle Eastern Aerospace and Telecommunications companies
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. ShellClient is a powerful new Remote Access Trojan (RAT) that was used in highly targeted attacks on a select few aerospace and telecommunications firms, primarily in the Middle East, with other victims in the United States,...
Multiple vulnerabilities have been discovered in the Apache HTTP Server
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. There is a zero-day vulnerability (CVE-2021-41773) and a DoS vulnerability (CVE-2021-41524) in Apache HTTP servers. After a publicly disclosed exploit, the zero-day vulnerability has been actively exploited in the wild. The Hiv...
Another day, another zero-day for Google Chrome
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Google has published an emergency fix (94.0.4606.71) to address the latest zero-day vulnerabilities (CVE-2021-37975, CVE-2021-37976). These are the fourth and fifth zero-days of the month. These flaws have been exploited in the...
Chrome’s eleventh zero-day vulnerability for the year 2021 has been patched
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A vulnerability in Chrome and Microsoft Edge (Chromium-based) exists as a result of a use-after-free issue when processing HTML data in Google Chrome's Portals component. A remote attacker can create a specially designed site,...
Are you a victim of the Conti Ransomware?
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Conti ransomware targets enterprises that have not patched their systems by exploiting old vulnerabilities. Conti ransomware steals sensitive information from businesses and demands a ransom in exchange. CISA has issued a...
Drop everything and patch VMware’s vCenter Server Vulnerabilities
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here. VMware has issued patches for 19 new vulnerabilities. CVE-2021-22005 is the worst of the lot, defined as "an arbitrary file upload vulnerability in the Analytics service" of the vCenter Server. An attacker with network acce...
ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies,...
Threat actors are actively exploiting OMIGOD vulnerabilities impacting Microsoft Azure
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Azure VMs using Linux management solutions with Azure Automation, Azure Automatic Update, Azure Operations Management Suite (OMS), Azure Log Analytics, Azure Configuration Management, or Azure Diagnostics are affected by...
Google patches Chrome zero-day vulnerabilities being exploited in the wild
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Google just released a major security update for Google Chrome that addresses eleven vulnerabilities, including two zero-day flaws that have been exploited in the wild. A remote attacker might make use of the flaws by trickin...
Apple fixes the zero-day vulnerabilities exploited by Pegasus spyware named “FORCEDENTRY”
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Two actively exploited vulnerabilities, CVE-2021-30858 and CVE-2021-30860, have been fixed in Apple's iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 releases. The NSO Group carried out the attack by...
AntiVirus Evasion Techniques
Introduction: Antivirus software looks for, detects, and eliminates viruses as well as other harmful software such as worms, trojans, adware, and others. Such programs are intended to be used as a preventative measure in cyber security, preventing threats from entering your computer and causing...
ProxyShell and PetitPotam exploits weaponized by LockFile Ransomware Group
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. LockFile, a new ransomware gang, has been active since last week. LockFile began by using a publicly disclosed PetitPotam exploit (CVE-2021-36942) to compromise Windows Domain Controllers earlier this week. Using ProxyShell...
Have you patched the vulnerabilities in Microsoft Exchange Server?
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft Exchange Server vulnerabilities have been officially patched for five months now. These vulnerabilities are actively exploited by multiple threat actors named DeadRinger. DeadRinger has been affecting the...
Critical Vulnerabilities revealed in Microsoft’s Patch Tuesday
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been patched by Microsoft in the August 2021 Patch Tuesday. Three of them have been labeled as zero-day vulnerabilities (CVE-2021-36936, CVE-2021-36942, and CVE-2021-36948). One of them (CVE-2021-36948)...
Critical flaws in Cisco’s Small Business RV Series VPN routers
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Cisco has patched serious vulnerabilities that might be exploited by sending maliciously crafted HTTP requests to the web-based management interfaces of vulnerable Small Business RV Series Routers. However, the remote...
Major Hospitals affected by PwnedPiper Vulnerabilities
THREAT LEVEL: White. For a detailed advisory, download the pdf file here. Multiple zero-day vulnerabilities (PwnedPiper) have been found affecting the HMI-3 Control Panel of Swisslog Healthcare's TransLogic Pneumatic Tube Systems (PTS). PTS is a specialized system that uses compressors to transport...
Weren’t you warned about reactivating the Print Spooler?
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Almost 10 days after the Hive Pro Threat Research team released an advisory, a new vulnerability has been found in Windows Print Spooler. This is a privilege escalation flaw that allows attackers to run arbitrary code...
Threat Actors are actively exploiting a SolarWinds Zero-Day Vulnerability
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A zero-day vulnerability (CVE-2021-35211) that impacts Serv-U Managed File Transfer and Serv-U Secure FTP is being exploited by multiple threat actors. The PoC of this exploited vulnerability was given to SolarWinds by...
Critical vulnerabilities found in WordPress plugin affecting 400,000 sites.
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Around 400,000 sites were affected by several critical vulnerabilities (CVE-2021-34621, CVE-2021-34622, CVE-2021-34623, CVE-2021-34624) discovered in ProfilePress, a WordPress plugin. The vulnerabilities are easily exploitable...
Emergency patches have been released by Microsoft for PrintNightmare
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Attackers have been targeting Windows Print Spooler services for almost 2 months now. It started with the vulnerability (CVE-2021-1675) being exploited in the wild. Soon a patch was released for the same. It was after 2 days tha...
REvil Ransomware gang behind the Kaseya VSA Supply-Chain attack
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The REvil ransomware group was successful in carrying out a supply chain attack by exploiting the zero-day vulnerability (CVE-2021-30116) in the Kaseya VSA server and delivering a malicious script to all the computer devices...
VMware patches 2 critical vulnerabilities in Carbon Black App Control, VMware Tools and VMware Remote Console
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. VMware has patched an authentication bypass vulnerability (CVE-2021-21998) in the Carbon Black App Control management server. Apart from this vulnerability, VMware also patched a privilege escalation vulnerability (CVE-2021-21999)...