The Jfrog security research team has discovered a vulnerability in the H2 database console. CVE-2021-42392 shares a root cause with the now infamous Log4Shell vulnerability. H2 is a popular and open-source SQL database written in java, which offers a lightweight in-memory solution, meaning data is not required to be stored on a disk. This makes […]
13
Dec
Dec
Some of you may know, a severe vulnerability was discovered in Log4j, a Java logging package. This ubiquitous package is included in products such as Apache and Apple products. Worse yet, this component is so widely used — that it is believed to be within multiple components within applications. This means that security teams worldwide […]
10
Dec
Dec
WordPress sites have been under attack for 36 hours, from 16,000 IP addresses. Threat Intelligence Analysts from Wordfence, have reported an ongoing assault against 1.6 million WordPress sites. The traffic originates from 16,000 IPs and threat actors appear to be targeting four WordPress plugins and fifteen Epsilon Framework themes. One of which has no patch […]
06
Dec
Dec
Researchers from the German IT Magazine publisher CHIP discovered hundreds of potential vulnerabilities across nine vendors of popular wireless routers. The following vendors could be affected: Asus AVM D-Link Netgear Edimax TP-Link Synology Linksys The researchers analysed the configuration of network devices using the IoT Inspector’s firmware security platform, which performs automated checks for thousands […]
23
Nov
Nov
Threat actors are leverage known vulnerabilities against unpatched exchange servers to distribute malware and avoid detection by abusing internal reply-chain emails. TrendMicro researchers have discovered that threat actors have distributed malicious emails to internal employees on corporate networks through an interesting tactic. They start by exploiting Microsoft exchange servers which remain vulnerable to ProxyLogon and […]
28
Sep
Sep
Security researchers from the Eclypsium research team have discovered a vulnerability in the Windows Platform Binary Table (WPBT) that allows attackers to install rootkits on all Windows devices shipped since 2012. WBPT is a fixed firmware ACPI (Advanced Configuration and Power Interface), introduced in Windows 8 to allow vendors to execute programs when the devices […]
20
Sep
Sep
The maintainers of Travis CI, a continuous integration provider located in Berlin, have patched a vulnerability that exposes API and signing keys as well as access credentials to unauthorised third parties. This vulnerability possibly impacts thousands of companies and the maintainers have been criticised for not releasing any technical advisories on the issue itself. The […]
16
Sep
Sep
An ongoing Zloader campaign utilises a new methodology to disable Microsoft Defender Antivirus. Formerly known as Windows Defender. Microsoft Defender Antivirus is currently running on over a billion instances of Windows 10, according to Microsoft’s own statistics. The threat actors have begun to utilise various applications such as Discord, TeamViewer and Zoom advertisements on Google […]
07
Sep
Sep
Netgear has released patches for the firmware version of more than a dozen smart switches used in corporate networks. The patches address three high impact vulnerabilities, two of which have exploit code publicly available. Netgear has identified these bugs as PSV-2021-0140, PSV-2021-0144, PSV-2021-0145, CVE tracking numbers are yet to be assigned. Additionally, many products affected […]
12
Aug
Aug
Introduction Whitelisting is a cyber security strategy where a user granted administrative rights could take action on their computer. However, rather than attempting to keep one stride in front of threat attackers to recognise and obstruct malicious code, the IT staff would rather order a rundown of supported applications that a computer or a mobile […]