Researchers have released exploits for the Windows Zerologon CVE-2020-1472 vulnerability that allow an attacker to take control of a Windows domain. Install patches now!As part of the August 2020 Patch Tuesday security updates, Microsoft fixed a critical 10/10 rated security vulnerability known as 'CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerabilit
CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems.
CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security.
Chinese state-sponsored hackers have pr
Ukrainian software developer and IT services provider SoftServe suffered a ransomware attack on September 1st that may have led to the theft of customers' source code.With over 8,000 employees and 50 offices worldwide, SoftServe is one of Ukraine's largest companies offering software development and IT consulting.News about a cyberattack on SoftServe fi
The COVID-19 pandemic has led to a significant shift in tactics employed by cyber-criminals, according to Bitdefender’s Mid-Year Threat Landscape Report 2020, published today.Threat actors have heavily focused on the issues related to the pandemic to launch attacks such as phishing, ransomware and malware as well as exploit the increased
Publish At:
2020-09-08 15:35 |
Read:125 | Comments:0 |
Tags:
exploit cyber
Hi,we have just released an exploit for CVE-2020-13162. This vulnerability affects the Windows Client of Pulse Secure < 9.1.6. It is a TOCTOU and allow an attacker to escalate the privilige to NT_AUTHORITYSYSTEM.Details about the exploit itself can be found at https://www.redtimmy.com/privilege-escalation/pulse-secure-windows-client/Instead details about
Publish At:
2020-09-04 13:25 |
Read:154 | Comments:0 |
Tags:
exploit
From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used to improve network security in an enterprise, but can also be exploited by cybercriminals for nefarious reasons. Take a look at how SOCKS proxies have been manipulated recently by threat actors.
What is
Hackers actively exploiting a critical remote code execution vulnerability in the File Manager plugin, over 300,000 WordPress sites potentially exposed.
Hackers are actively exploiting a critical remote code execution vulnerability in the File Manager WordPress plugin that could be exploited by unauthenticated attackers to upload scripts and execute arbit
Hackers are actively exploiting a critical remote code execution vulnerability allowing unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable File Manager plugin versions.On the morning of September 1, Arsys's Gonzalo Cruz was the first to discover the flaw and the fact that it was already being exploite
Image: Taylor Vick09/01/20 Update below. This post was originally published on August 31st, 2020. We updated it to reflect that there are two actively exploited DVMRP Memory Exhaustion Vulnerabilities according to Cisco's updated security advisory.Cisco warned over the weekend that threat actors are trying to exploit two high severit
Publish At:
2020-09-01 14:20 |
Read:199 | Comments:0 |
Tags:
Security exploit
Image: Taylor VickCisco warned over the weekend that threat actors are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability in the company's Cisco IOS XR software that runs on carrier-grade routers.Cisco's IOS XR Network OS is deployed on multiple router platforms including NCS 540 & 560,
Publish At:
2020-08-31 14:56 |
Read:173 | Comments:0 |
Tags:
Security exploit
Cisco warns that threat actors are attempting to exploit a high severity DoS flaw in its Cisco IOS XR software that runs on carrier-grade routers.
Cisco warned over the weekend that attackers are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability (CVE-2020-3566) affecting the Cisco IOS XR Network OS that ru
Experts discovered a new hacker hacker-for-hire group that is targeting organizations worldwide with malware hidden inside malicious 3Ds Max plugins.
Security researchers from Bitdefender discovered a new hacker group that is currently targeting companies across the world with malware hidden inside malicious 3Ds Max plugins.
Autodesk 3ds Max, formerly
A sophisticated hack-for-hire group specializing in industrial espionage exploited the Autodesk 3ds Max modeling and animation software in an attack aimed at a company involved in luxury real estate projects, cybersecurity firm Bitdefender reported on Wednesday.Bitdefender has analyzed what it describes as an “APT-style cyberespionage attack” targeting an in
Malware or malicious code has been around for over 40 years now, but its use to obtain control of a group of Internet-connected systems in something called a ‘botnet’ is a relatively new phenomenon. Botnets have been behind some of the most costly security incidents of the last 10 years and, consequently, companies around the world are going to great lengths
Introduction: The US federal agencies helping to protect your systems from exploitsAccording to the Cybersecurity and Infrastructure Security Agency (CISA), foreign cyber actors often exploit software vulnerabilities that have been already addressed, banking on the fact that patches are not always timely applied. Public and private sector organizations