Security News

We've never quite understood Google's mention of rolling out updates over "Days/weeks" in an update bulletin that includes 47 security fixes, of which eight have a severity level of High. We suggest going out manually and making sure you've got your Chrome update already, without waiting for those day/weeks to elapse until the update finds you.

A working proof-of-concept exploit is now publicly available for the critical SIGRed Windows DNS Server remote code execution vulnerability. SIGRed has existed in Microsoft's code for over 17 years, it impacts all Windows Server versions 2003 through 2019, and it has received a maximum severity rating of 10 out of 10.

Check Point has evidence that Chinese hackers stole and cloned an NSA Windows hacking tool years before Russian hackers stole and then published the same tool. 2013: NSA's Equation Group developed a set of exploits including one called EpMe that elevates one's privileges on a vulnerable Windows system to system-administrator level, granting full control.

Multiple state-sponsored hacking groups are actively exploiting critical Exchange bugs Microsoft patched Tuesday via emergency out-of-band security updates. Advanced persistent threat groups are currently using "At least" the CVE-2021-26855 Microsoft Exchange Server vulnerability as part of ongoing attacks to achieve remote code execution without authentication on unpatched on-premises Exchange servers.

Our team has been tirelessly working several intrusions since January involving multiple 0-day exploits in Microsoft Exchange. If you use on-prem Microsoft Exchange Servers, you might want to assume you've been hit and start checking and then updating.

A researcher revealed on Monday that some exploits for the notorious CPU vulnerability known as Spectre were uploaded recently to the VirusTotal malware analysis service. In a blog post titled Spectre exploits in the "Wild", researcher Julien Voisin shared a brief analysis of a Spectre exploit for Linux that had been uploaded to VirusTotal in early February.

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. Voisin found the two working Linux and Windows exploits on the online VirusTotal malware analysis platform.

Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept exploit code for a critical remote code execution bug affecting a Windows graphics component. The Project Zero researchers discovered the vulnerability, tracked as CVE-2021-24093, in a high-quality text rendering Windows API named Microsoft DirectWrite.

After security researchers have developed and published proof-of-concept exploit code targeting a critical vCenter remote code execution vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. We've detected mass scanning activity targeting vulnerable VMware vCenter servers.

The day after VMware released fixes for a critical RCE flaw found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. We've detected mass scanning activity targeting vulnerable VMware vCenter servers.