RYUK is a ransomware which was first spotted in the year 2018 being distributed as a part of a targeted campaign. The attacks using this ransomware are well planned and highly targeted. This ransomware is known to have encrypted a number of PCs, storage and data centers in various organizations. The attackers behind this ransomware […]

Read More →

A new vulnerability was discovered in the sudo utility which allows an unprivileged user to gain root privileges without authentication. CVE-2019-18634 is classified as Stack-based Buffer Overflow(CWE-121). This flaw affects all Unix-like operating systems and is prevalent only when the ‘pwfeedback’ option is enabled in the sudoers configuration file. pwfeedback provides visual feedback(* for every […]

Read More →

Researchers have discovered a critical remote code execution bug in OpenSMTPD email server. This flaw in OpenSMTPD, OpenBSD‘s mail server, is known to be exploitable since May 2018.  The vulnerability, tracked as CVE-2020-7247, is exploitable both locally and remotely. OpenSMTPD is a Unix daemon which implements the Simple Mail Transfer Protocol to deliver messages on […]

Read More →

Apple released security updates for multiple products today. A total of 46 vulnerabilities were addressed. Exploitation of some of these security flaws could allow an attacker to take control of an affected system. The update for macOS includes fixes for 33 vulnerabilities which could allow an attacker to execute arbitrary code with kernel privileges, cause […]

Read More →

The news of numerous exploits on Citrix ADC(formerly NetScaler ADC) has been hitting the headlines lately. A total of 550,000 compromise attempts were recorded as per latest available statistics. Thousands of systems were sitting ducks while Citrix delayed the final release of necessary updates for the vulnerable devices. Citrix ADC is an application delivery and […]

Read More →

Cisco released a set of security updates which include one critical, seven high severity and nineteen medium security advisories. At least seven vulnerabilities lead to denial of service condition on the affected system and the most severe vulnerability could allow a remote unauthenticated attacker to gain administrative access on the affected device. Cisco has released […]

Read More →