Security News

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
2022-09-30 09:01

Microsoft officially disclosed that it is investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation. "The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution when PowerShell is accessible to the attacker," the tech giant said.

Microsoft confirms new Exchange zero-days are used in attacks
2022-09-30 08:18

Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. "At this time, Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users' systems."

WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation
2022-09-30 04:25

Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to achieve remote code execution on affected systems. "We detected webshells, mostly obfuscated, being dropped to Exchange servers," the company noted.

Stop us if you've heard this one before: Exchange Server zero-days actively exploited
2022-09-30 03:03

Security researchers have warned a zero-day flaw in Microsoft's Exchange server is being actively exploited. A second flaw, ZDI-CAN-18802, is rated 6.3/10. Details of the flaws are scanty, with GTSC's post detailing its observations of webshells with Chinese characteristics being dropped onto Exchange servers. Those webshells then "injects malicious DLLs into the memory, drops suspicious files on the attacked servers, and executes these files through the Windows Management Instrumentation Command line."

New Microsoft Exchange zero-days actively exploited in attacks
2022-09-29 21:52

Threat actors are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported the attacks. The researchers reported the security vulnerabilities to Microsoft privately three weeks ago through the Zero Day Initiative, which tracks them as ZDI-CAN-18333 and ZDI-CAN-18802 after its analysts validated the issues.

New Microsoft Exchange zero-day actively exploited in attacks
2022-09-29 21:52

Threat actors are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported the attacks. The researchers reported the security vulnerabilities to Microsoft privately three weeks ago through the Zero Day Initiative, which tracks them as ZDI-CAN-18333 and ZDI-CAN-18802 after its analysts validated the issues.

New Microsoft Exchange zero-days reportedly exploited in attacks
2022-09-29 21:52

Threat actors are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported the attacks. Microsoft hasn't disclosed any information regarding the two security flaws so far and is yet to assign a CVE ID to track them.

WhatsApp “zero-day exploit” news scare – what you need to know
2022-09-27 18:51

For the last day or two, our news feed has been buzzing with warnings about WhatsApp. Even access to a single "Sandboxed" app and its data can be all that an attacker wants or needs, especially if that app is the one you use for communicating securely with your colleagues, friends and family, like WhatsApp.

Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released
2022-09-24 05:03

Security software company Sophos has warned of cyberattacks targeting a recently addressed critical vulnerability in its firewall product. The issue, tracked as CVE-2022-3236, impacts Sophos Firewall v19.0 MR1 and older and concerns a code injection vulnerability in the User Portal and Webadmin components that could result in remote code execution.

Microsoft's Latest Security Update Fixes 64 New Flaws, Including a Zero-Day
2022-09-14 04:42

Tech giant Microsoft on Tuesday shipped fixes to quash 64 new security flaws across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks. The patches are in addition to 16 vulnerabilities that Microsoft addressed in its Chromium-based Edge browser earlier this month.