Security News
Security researchers have warned a zero-day flaw in Microsoft's Exchange server is being actively exploited. A second flaw, ZDI-CAN-18802, is rated 6.3/10. "Details of the flaws are scanty, with GTSC's post detailing its observations of webshells with Chinese characteristics being dropped onto Exchange servers. Those webshells then"injects malicious DLLs into the memory, drops suspicious files on the attacked servers, and executes these files through the Windows Management Instrumentation Command line.
Threat actors are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported the attacks. The researchers reported the security vulnerabilities to Microsoft privately three weeks ago through the Zero Day Initiative, which tracks them as ZDI-CAN-18333 and ZDI-CAN-18802 after its analysts validated the issues.
Threat actors are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported the attacks. The researchers reported the security vulnerabilities to Microsoft privately three weeks ago through the Zero Day Initiative, which tracks them as ZDI-CAN-18333 and ZDI-CAN-18802 after its analysts validated the issues.
Threat actors are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported the attacks. Microsoft hasn't disclosed any information regarding the two security flaws so far and is yet to assign a CVE ID to track them.
For the last day or two, our news feed has been buzzing with warnings about WhatsApp. Even access to a single "Sandboxed" app and its data can be all that an attacker wants or needs, especially if that app is the one you use for communicating securely with your colleagues, friends and family, like WhatsApp.
Security software company Sophos has warned of cyberattacks targeting a recently addressed critical vulnerability in its firewall product.The issue, tracked as CVE-2022-3236, impacts Sophos Firewall v19.0 MR1 and older and concerns a code injection vulnerability in the User Portal and Webadmin components that could result in remote code execution.
Tech giant Microsoft on Tuesday shipped fixes to quash 64 new security flaws across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks.The patches are in addition to 16 vulnerabilities that Microsoft addressed in its Chromium-based Edge browser earlier this month.
A zero-day flaw in the latest version of a WordPress premium plugin known as WPGateway is being actively exploited in the wild, potentially allowing malicious actors to completely take over affected sites. Tracked as CVE-2022-3180, the issue is being weaponized to add a malicious administrator user to sites running the WPGateway plugin, WordPress security company Wordfence noted.
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day exploited by attackers. CVE-2022-37969 is an elevation of privilege vulnerability in the Windows Common Log File System Driver, and an attacker must already have access and the ability to run code on the target system before trying to trigger it.
The Wordfence Threat Intelligence team warned today that WordPress sites are actively targeted with exploits targeting a zero-day vulnerability in the WPGateway premium plugin. WPGateway is a WordPress plugin that allows admins to simplify various tasks, including setting up and backing up sites and managing themes and plugins from a central dashboard.