Endpoint Security, Vulnerability management

Mar26 0

Apple released security updates for multiple products today. A total of 49 vulnerabilities were addressed. The exploitation of some of these security flaws could allow an attacker to take control of an affected system. Adobe also released an out-of-band security update for critical arbitrary file deletion vulnerability in Creative Cloud. Critical vulnerabilities in Apple products […]

Mar24 0

Microsoft and its updates are of utmost interest for the security community during the second Tuesday of every month, the Patch Tuesday. However, Microsoft has filled the headlines of the fourth Tuesday too with important information about two critical unpatched zero-days in Microsoft Windows operating systems. A critical advisory has been released by Microsoft, urging […]

Mar20 0

COVID-19 has spread across the globe and has forced organizations to embrace work from home culture. We too were faced with a similar situation last weekend when the authorities insisted IT organizations allow employees to work from home. We are a team who are accustomed to working at our office premises, and hence several […]

Mar20 0

How secure can you code in Java? Every software developer must follow certain standards and practices while coding and writing, secure code is one such practice. Everyone who loves to code must ensure their software is not vulnerable to exploits or being a principal cause of a cyber-attack. Anyone can code, but if our code is […]

Mar19 0

At SecPod, we strive towards delivering the solution to enhance user experience. SanerNow 4.4.0.0 comes with a bundle of new additions, enhancements and bug fixes to increase efficient product usage. In this release we have brought several enhancements to Patch Management, Endpoint detection and response and Agent Deployment Tool, covering other general enhancements and bug […]

Mar18 0

Recent attacks involved the exploitation of security holes in Trend Micro’s enterprise security products. Trend Micro issued a critical security advisory stating that it has observed active attempts of potential attacks against its products. In-the-wild zer0-day exploits CVE-2020-8467 is a critical remote code execution vulnerability in the migration tool component of Trend Micro Apex One […]

Mar18 0

Adobe released a security update for the widely used Acrobat and Reader. This update includes a total of 13 CVEs, 9 of which are known to be critical security fixes for arbitrary code execution vulnerabilities. The exploitation of other vulnerabilities could lead to the disclosure of sensitive information and grant elevated privileges to an attacker. […]

Mar13 1

Never wanted to get into Technology I know it wouldn’t be very nice to give this statement at first, as I am working in the field of engineering and technology. I always dreamt of being a doctor, scientist, actress and what not, except engineering, so it chose me. Life sometimes leads us to unknown but […]

Mar13 0

What is Solaris? Why should you use it? Solaris is a Unix-based operating system developed by Sun Microsystems, which was later acquired by Oracle. Solaris OS is known for its scalability, so it can be used to handle heavy workloads efficiently and has an advanced security capability to automate self-healing (disaster recovery). They also come […]

Mar13 0

Critical Wormable SMBv3 Flaw in Windows Systems

Microsoft disclosed details of a critical wormable flaw in SMBv3. This flaw can be used by attackers to deliver wormable malware to targets which could spread across the network and infect other machines within no time. Server Message Block(SMB) is an important network protocol that is used for sharing access to files, printers, serial […]

Mar12 0

Researchers have discovered another interesting vulnerability in the line of speculative execution attacks in Intel processors. This vulnerability has been named Load Value Injection (LVI), and is tracked as CVE-2020-0551. LVI is a new class of side-channel attacks that abuses microarchitectural flaws in processors to steal data. Modern processors resistant to Meltdown, Foreshadow, ZombieLoad, RIDL […]

Mar11 0

Microsoft has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 26 are classified as Critical and 86 as Important which includes Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Exchange Server, Azure […]

Mar09 0

Researchers have uncovered a serious vulnerability (CVE-2019-0090) in Intel’s CSME, which is unfixable and allows compromise of the hardware too. Intel CSME is known as the ‘root of trust‘. The vulnerability specifically lies in the ROM of the Intel Converged Security and Management Engine (CSME) and weakens the security foundation of Intel processors. Intel had […]

Mar06 0

A critical 17-year-old remote code execution bug was discovered in pppd (Point to Point Protocol Daemon). PPPD is used to manage network connections between two nodes on Unix-like operating systems and is responsible for managing PPP session establishment and session termination. The vulnerability, tracked as CVE-2020-8597, is a flaw in the Extensible Authentication Protocol (EAP) […]

Mar06 0

As an initiative to celebrate International Women’s day at SecPod, we brainstormed and gathered a lot of ideas. Starting from planning on dress codes, welcoming women with bouquets, asking men to host us a party to conducting themed photoshoots, everything seemed regular and usual to us. Looking at all the passionate women around who are […]

Mar02 1

A critical vulnerability named Ghostcat was recently discovered in Apache Tomcat Servers. Apache Tomcat is a software used to deploy Java Servlets and JSPs. This vulnerability resides in Tomcat for more than a decade now. Ghostcat, tracked as CVE-2020-1938, was discovered in Tomcat AJP protocol by researchers at Chaitin Tech. Tomcat AJP is configured with […]

Feb28 0

Cisco has released updates for a set of vulnerabilities. These vulnerabilities include six high severity and six medium severity vulnerabilities. The main highlight for this set of Cisco updates is the patching of a recently discovered vulnerability in Wi-Fi Access points and routers, widely known as Kr00k. Getting rid of the Kr00k Kr00k (CVE-2019-15126) is […]

Feb27 0

Microsoft rightly predicted that systems vulnerable to CVE-2020-0688, could be an attractive target for attackers and that this vulnerability could soon be included in upcoming attacks. Standing true to that, attackers have now started scanning the Internet for Microsoft Exchange Servers vulnerable to a Remote Code Execution flaw(CVE-2020-0688). This vulnerability received a patch during the […]

Feb26 0

In a bid to fix three new vulnerabilities in its browser, Google has issued updates for Chrome on all the major platforms. The search giant published an advisory to address the high-severity vulnerabilities, with the most severe one leading to arbitrary code execution and claimed by the Google Development Team as “being exploited in the […]

Feb20 0

Microsoft released updates for Patch Tuesday a week ago. A few users who installed the updates encountered missing files and user profiles on their systems. Further investigation revealed that the culprit was Windows 10 update KB4532693. Microsoft has acknowledged the existence of an issue and is analyzing it. What happens after installing KB4532693? Several users […]

Feb19 0

Fox Kitten Campaign has hit the headlines recently, but has a longstanding history of cyber espionage. Researchers from ClearSky discovered a three-year-old campaign targeting a wide range of organizations around the world. In a detailed report, the researchers added that this could be Iran’s most continuous and comprehensive campaign known. The campaign, first revealed by […]

Feb13 0

Intel patched a high severity bug in CSME subsystem which allows an attacker to carry out privilege escalation, information disclosure and denial of service. Intel Converged Security and Management Engine (CSME) is a chipset subsystem which powers Intel’s Active Management technologies. CSME is used for remote out-of-band management in consumer or corporate PCs, Internet of […]

Feb13 0

Adobe released security advisories providing fixes for 35 critical vulnerabilities. A total of 42 security bugs were fixed in this release. The critical vulnerabilities, all allow execution of arbitrary code on a target machine. These flaws affect Windows, Linux, Mac OS X and other platforms. Adobe Framemaker Twenty one critical arbitrary code execution flaws were […]

Feb12 0

Microsoft has released February Patch Tuesday security updates, addressing total 101 vulnerabilities in the family of Windows operating systems and related products. Out of these, 13 are classified as Critical and 88 as Important which includes Office Services and Web Apps, Internet Explorer, Edge, Microsoft Exchange Server, Malicious Software Removal Tool, and Surface Hub. The […]

Feb10 0

RobbinHood is a relatively new ransomware that was first spotted in April 2018. A distinct feature of this ransomware is that it targets every computer individually and does not encrypt other computers via connected shares. RobbinHood claims to delete all the information related to an infected computer including the IP address, Encryption keys, etc. once […]

Feb10 0

Fig 1: Image credit: zdnet.com Armis Security Inc., a cybersecurity firm based in United States, has discovered five critical vulnerabilities in a networking protocol developed by Cisco. These flaws could enable hackers to target virtually all devices, from data center switches to cameras and IP phones worldwide. These vulnerabilities were disclosed when Cisco released fixes […]

Feb06 0

Lemon Duck is a monerocrypto-mining malware. This malware was first spotted in China but has hence spread to other parts of the world. Lemon Duck starts with single infection and spreads rapidly across the entire network converting the resources of an organization into cryptocurrency mining slaves. Researchers from TrapX-Labs have reported that Lemon Duck has […]

Feb05 1

RYUK is a ransomware which was first spotted in the year 2018 being distributed as a part of a targeted campaign. The attacks using this ransomware are well planned and highly targeted. This ransomware is known to have encrypted a number of PCs, storage and data centers in various organizations. The attackers behind this ransomware […]

Feb04 0

A new vulnerability was discovered in the sudo utility which allows an unprivileged user to gain root privileges without authentication. CVE-2019-18634 is classified as Stack-based Buffer Overflow(CWE-121). This flaw affects all Unix-like operating systems and is prevalent only when the ‘pwfeedback’ option is enabled in the sudoers configuration file. pwfeedback provides visual feedback(* for every […]

Jan30 0

Researchers have discovered a critical remote code execution bug in OpenSMTPD email server. This flaw in OpenSMTPD, OpenBSD‘s mail server, is known to be exploitable since May 2018. The vulnerability, tracked as CVE-2020-7247, is exploitable both locally and remotely. OpenSMTPD is a Unix daemon which implements the Simple Mail Transfer Protocol to deliver messages on […]

Jan29 0

Apple released security updates for multiple products today. A total of 46 vulnerabilities were addressed. Exploitation of some of these security flaws could allow an attacker to take control of an affected system. The update for macOS includes fixes for 33 vulnerabilities which could allow an attacker to execute arbitrary code with kernel privileges, cause […]

Jan29 0

The news of numerous exploits on Citrix ADC(formerly NetScaler ADC) has been hitting the headlines lately. A total of 550,000 compromise attempts were recorded as per latest available statistics. Thousands of systems were sitting ducks while Citrix delayed the final release of necessary updates for the vulnerable devices. Citrix ADC is an application delivery and […]

Jan24 0

Cisco released a set of security updates which include one critical, seven high severity and nineteen medium security advisories. At least seven vulnerabilities lead to denial of service condition on the affected system and the most severe vulnerability could allow a remote unauthenticated attacker to gain administrative access on the affected device. Cisco has released […]

Jan21 0

Microsoft has released an emergency advisory for an unpatched zero-day vulnerability in Internet Explorer. Microsoft is also aware of limited targeted attacks in the wild. This vulnerability was discovered by Clement Lecigne of Google’s Threat Analysis Group. The fix for this zero-day would be released as a part of the next Patch Tuesday updates. And […]

Jan16 0

The release of Microsoft Patch Tuesday updates for January 2020 brought to light a critical vulnerability in Microsoft Windows CryptoAPI. Reported by National Security Agency, the national level intelligence agency of USA, CVE-2020-0601 is a spoofing vulnerability in Windows systems, the exploitation of which could have widespread consequences. Microsoft explains that this spoofing vulnerability in […]

Jan15 0

Microsoft has released January Patch Tuesday security updates today, fixing 49 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products which includes Windows, Office, Office Services and Web Apps, Internet Explorer, .NET Core, ASP.NET, .NET Framework, OneDrive for Android, and Microsoft Dynamics. Out of these, 8 are classified as […]

Jan10 0

Cisco has rolled out security patches for fourteen different products. Advisories released for Cisco Webex Video Mesh and Cisco IOS and Cisco IOS XE Software are considered important. The most severe of these vulnerabilities could allow an attacker to remotely execute commands and take control of an affected system. Cisco has released security updates for […]

Jan09 0

Mozilla released two consecutive security advisories to address the vulnerabilities in Firefox and Firefox ESR. The latter is a critical advisory claiming that Mozilla is aware of in-the-wild attacks for a type confusion vulnerability. However, there are no details about the specific threat actor(s) abusing the aforementioned vulnerability. Mozilla’s release of Firefox version 72 includes […]

Jan07 0

Cisco released security updates for Cisco Data Center Network Manager (DCNM), a platform for managing Cisco’s data center deployments, switches and fabric extenders that run NX-OS. A total of 12 vulnerabilities in DCNM were addressed in 6 advisories, one of which has been rated critical, three rated high and two rated medium in severity. Summary […]

Jan07 0

Artificial intelligence and computer vision fall in the category of top 10 buzzwords of modern day computing. An opensource platform helping industries build a new era of real-time visual processing is OpenCV, a library of programming functions with over 2500 optimized computer vision and machine learning algorithms. Two< critical vulnerabilities were discovered in OpenCV libraries […]

Dec24 0

Cisco noticed a steep rise in the exploitation attempts of a critical vulnerability in Cisco Adaptive Security Appliance (ASA) and Firepower Appliance. Cisco ASA is a family of security devices which is known to have a million deployments around the world. CVE-2018-0296 is a denial of service vulnerability which has been abused by attackers a […]

Dec20 0

Drupal is a free, open source software that can be used to easily create and manage many types of Web sites. Drupal also includes a Content Management Platform and a development framework. A set of critical vulnerabilities was identified and fixed in Drupal, the most severe of which could allow an attacker to overwrite sensitive […]

Dec13 0

Apple has rolled out security patches for various products. There are a total of 59 CVEs addressing arbitrary code execution, privilege escalation, information disclosure and denial of service vulnerabilities. Five vulnerabilities in macOS are considered very critical as they allow an attacker to execute arbitrary code with kernel privileges. A majority of the security bugs […]

Dec13 0

Adobe released its monthly set of security updates addressing 25 vulnerabilities in Adobe Acrobat and Reader, Photoshop CC, Brackets and ColdFusion. Seventeen of these vulnerabilities are rated Critical and a majority of the them are in Adobe Acrobat and Reader. As is the case with most critical vulnerabilities, these allow an attacker to execute arbitrary […]

Dec11 0

Microsoft released its monthly set of security updates today. The December 2019 Patch Tuesday fixed a total of 36 vulnerabilities in various products. 7 flaws are rated critical for Remote Code Execution and 28 are rated important. All the critical vulnerabilities lead to Remote Code Execution. The other bugs could allow an attacker to cause […]

Dec06 0

A new vulnerability(CVE-2019-14899) was discovered in Linux and Unix-like systems which allows an attacker in the adjacent network to inject data into the TCP stream and hijack connections. This vulnerability is known to work against OpenVPN, WireGuard, and IKEv2/IPSec, but the vulnerability impacts all VPN implementations. The tor browser seems to be unaffected by this […]

Dec06 0

OpenBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It is widely regarded as one of the most secure operating systems available due to many of its security features. Security researchers at Qualys Research Labs have discovered four high-severity security vulnerabilities in OpenBSD, which include one authentication bypass […]

Dec05 0

EmbedThis GoAhead is a simple and compact embedded web server which can be used to efficiently host embedded web applications. GoAhead is a very popular web server and is known to have 1.3 million installations worldwide. A researcher from Cisco Talos discovered two security bugs in GoAhead Embedded Web Server. The two vulnerabilities are tracked […]

Dec05 0

Mozilla has released security updates for Firefox, Firefox ESR and Thunderbird. Eleven vulnerabilities were identified and fixed in Firefox and eight in Firefox ESR and Thunderbird each. The advisories have been ranked high in severity which indicates that the vulnerabilities can be used to gather sensitive data from sites in other windows or inject data […]

Nov21 0

Oracle’s E-Business Suite is a collection of enterprise resource planning (ERP), customer relationship management (CRM), and supply-chain management (SCM) computer applications. Reports indicate that over 21,000 global organizations use Oracle EBS. Two critical vulnerabilities (CVE-2019-2638, CVE-2019-2633) in Oracle EBS have turned around the face of security for businesses. These vulnerabilities (also known as ORACLE EBS […]

Nov20 1

Spearphishing is a key weapon for attackers these days. Spam emails with malicious decoy documents are a dime a dozen. The social engineering used to lure users into opening these mails is elaborate and is unique to every attacker. To break the news, an ongoing malicious campaign was found sending fake Windows Update emails to […]

Nov15 0

Does the name ZombieLoad ring a bell with you? A new variant of the infamous ZombieLoad attack is around. ZombieLoad v2 enables attack on Intel CPUs which are designed to be resistant against the previously discovered MDS attacks. Zombieload v2 even affects processors in the latest Intel Cascade Lake CPU family. This new vulnerability is […]

Nov14 0

Adobe has released security updates as a part of its monthly cycle. There are a total of 11 vulnerabilities in four products. Three CVEs are rated critical and eight CVEs are rated important. An overall priority rating of 3 has been assigned to all the advisories. According to Adobe’s metrics, Priority 3 would mean “This […]

Nov13 0

Microsoft publicizes November Patch Tuesday security updates today, fixing 74 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products. Out of these, 13 are classified as “Critical” and 61 as “Important”. Amongst the 13 Critical vulnerabilities, there is one vulnerability in Internet Explorer which is under the radar of […]

Nov11 0

Bluekeep is an exploit not unheard of. But, it is only in the recent times that an active exploitation of BlueKeep vulnerability has hit the headlines. Tracked as CVE-2019-0708, BlueKeep is a critical wormable remote code execution flaw in Remote Desktop Services patched by Microsoft in May 2019 Patch Tuesday Updates. Over 724,000 systems worldwide […]

Nov09 0

QSnatch, the new malware in town has already affected thousands of devices and wouldn’t call it quits. This malware was first discovered in October 2019 by the National Cyber Security Center of Finland (NCSC-FI) after it received reports via the Autoreporter service indicating the communication of infected QNAP NAS devices with specific command and control […]

Nov08 0

A new set of vulnerabilities were identified and fixed by Cisco, the most critical of which could allow a remote attacker to take control of the system. Likewise, security updates are now available for Cisco’s products which include eight advisories rated high in severity and seven rated medium. One of the high severity bugs allow […]

Nov04 0

Google has released an emergency update for Chrome with a warning that an exploit exists in-the-wild. There are two vulnerabilities rated high in severity and one of them has been reported as a zero-day. CVE-2019-13721 and CVE-2019-13720 are use-after-free issues in PDFium library and audio component respectively. An attacker can trick a user into visiting […]

Oct30 0

Apple has released a set of security updates for the second time this month. The updates include fixes for vulnerabilities in macOS, Safari, watchOS, iOS and tvOS. There are a total of 56 CVEs. 33 vulnerabilities were fixed in macOS and 14 vulnerabilities in Safari. Eleven vulnerabilities in macOS lead to arbitrary code execution. 13 […]

Oct28 0

PHP FPM (FastCGI Process Manager) is an advanced PHP FastCGI implementation with added features and is very useful for heavily loaded sites. A vulnerability was discovered in PHP FPM which has been exploited in-the-wild. NGINX servers with PHP-FPM are found to be vulnerable. The vulnerability is tracked as CVE-2019-11043 and classified as buffer underflow (CWE-124). […]

Oct24 0

Mozilla Firefox Vulnerabilities Mozilla released updates for Firefox and Firefox ESR. Thirteen vulnerabilities were fixed in Firefox and nine vulnerabilities in Firefox ESR. Mozilla has rated these updates as critical which indicates that these security loopholes can be used by an attacker to run arbitrary code and install malicious software with minimal to no user […]

Oct21 0

A critical vulnerability was discovered in the Linux Kernel which allows attackers to crash the operating system or completely take over the operating system. Researchers claim that this bug exists since at least 2015. This vulnerability was discovered by Nico Waisman, principal security engineer at Github. The vulnerability resides in the ‘rtlwifi‘ driver component of […]

Oct18 0

Cisco released 29 updates to address the vulnerabilities in its products. There is one critical vulnerability that was addressed in this set of updates. This vulnerability requires no authentication for exploitation and is remotely exploitable. 6 vulnerabilities are rated high in severity out of which 2 are related to Aironet. The other products which were […]

Oct16 0

Oracle has released 219 new security patches as a part of the quarterly update cycle. 142 vulnerabilities are remotely exploitable without user credentials. Oracle MySQL received 34 security patches. 9 vulnerabilities allow an attacker to exploit the underlying flaws over the network without any form of authentication. CVE-2019-8457 is considered to be the most critical […]

Oct16 0

Adobe released out-of-band security updates for four products. These updates addressed a total of 82 vulnerabilities. 46 vulnerabilities are rated critical and 31 vulnerabilities are rated important in severity. All the critical vulnerabilities lead to Arbitrary Code Execution and 34 vulnerabilities lead to disclosure of sensitive information. Adobe Acrobat and Reader 68 vulnerabilities were addressed […]

Oct15 0

Linux users, beware! One of the most powerful and well known command line utility, sudo, could aid users to gain superuser privileges in spite of the existing restrictions. With sudo being installed in almost all flavors of UNIX-like operating systems, a major number of users could possibly be affected. Who said security was easy? Right, […]

Oct14 0

Apple released security updates a week ago which included a fix for a zero-day vulnerability. Morphisec discovered active exploitation of an Apple vulnerability by BitPaymer/IEncrypt campaign. BitPaymer/IEncrypt campaign has been targeting various public and private sector industries spread across the U.S. This campaign uses spearphishing emails as its initial infection vector and delivers Dridex malware. […]

Oct11 0

iTerm2 is one of the most popular macOS terminal emulator and is a default choice for developers and administrators due to its extensive features like windows transparency, full-screen mode, notifications, integration with tmux etc. A critical remote code execution vulnerability has been discovered in iTerm2 by Radically Open Security, as part of an independent security […]

Oct11 0

Apple released a set of security updates for its products this month. There are a total of 24 CVEs which includes the first set of updates for Apple’s new macOS Catalina. MacOS Catalina, the latest version of Apple’s desktop operating system was released on October 7. Catalina comes with updated security features to protect the […]

Oct09 0

Microsoft rolls out October Patch Tuesday security updates today, remediating 60 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products. Out of these 9 are classified as “Critical“, and 51 as “Important”. There are no reported zero-days this month but there is one publicly disclosed vulnerability Windows Error Reporting […]

Oct04 0

Foxit has released a security advisory for Foxit Reader. There are eight high severity bugs that were fixed in this update. These vulnerabilities are: CVE-2019-5031 is a memory corruption vulnerability in JavaScript engine. An attacker can use a specially crafted PDF document to trigger an out-of-memory condition which is not handled properly. This vulnerability leads […]

Oct01 0

Exim is the most used MX server with more than 57% installations on mail servers reachable on the Internet. Exim has released an urgent security update today. The vendor had released an early security warning to install the updates immediately after release. The vulnerability is tracked as CVE-2019-16928 and classified as heap-based buffer overflow (CWE-122). […]

Sep27 0

A critical remote code execution (RCE) vulnerability affecting one of the widely used internet forum software vBulletin has been publicly disclosed. The vulnerability is identified with CVE-2019-16759 and allows an attacker to execute any command on the website like uploading malware, uploading shells or tampering with the website’s code. This vulnerability is believed to be […]

Sep27 0

Apple has released a set of Security Updates to address the vulnerabilities in its products. There are a total of 5 CVEs. The affected products are MacOS, Safari, tvOS, iOS and WatchOS. CVE-2019-8641 is considered critical and is classified as out-of-bounds read (CWE-125), where an attacker can read data past the end, or before the […]

Sep26 0

Adobe released security updates for three vulnerabilities in ColdFusion. Two vulnerabilities are rated critical for arbitrary code execution and one is rated important for information disclosure. Adobe ColdFusion is a rapid development platform used for building modern web applications. As per the advisory, the vulnerabilities are outlined as follows: CVE-2019-8072 : An information disclosure vulnerability […]

Sep24 0

Microsoft has released out-of-band security updates to fix a critical remote code execution vulnerability in Microsoft Internet Explorer being exploited in-the-wild and a denial of service vulnerability in Microsoft Defender. CVE-2019-1367 is a zero-day remote code execution vulnerability that exists in the way the scripting engine in Internet Explorer handles objects in memory. This is […]

Sep23 0

Google has released urgent updates for 4 vulnerabilities. One of the vulnerability is rated Critical and the other three are rated High in severity. As per the Chrome advisory, the vulnerabilities are : CVE-2019-13685 : A critical Use-after-free issue in UI. CVE-2019-13688 : A Use-after-free issue in media. CVE-2019-13687 : A Use-after-free issue in media. […]

Sep19 0

phpMyAdmin is a free tool used by millions around the world to manage MySQL and MariaDB databases over the web. Joomla, WordPress, etc are some of the popular products which use phpMyAdmin. Manuel Garcia Cardenas, a security researcher, discovered a CSRF vulnerability which can meddle with the server configurations in phpMyAdmin. An attacker can […]

Sep11 0

Microsoft released its Patch Tuesday security updates today, revised 80 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and other products. Out of these 17 are classified as “Critical“, 61 as “Important”, and 1 as “Moderate“. While most of the “Critical” rated vulnerabilities influence the scripting engines and browsers in an […]

Sep09 0

Exim is a message transfer agent (MTA) which runs on Unix-like systems. Exim is a widely used mail server. According to search results on Shodan, there are 5 milllion servers running Exim. A critical remote code execution vulnerability was discovered in Exim Server by Zerons. All the Exim servers accepting TLS connections are deemed to […]

Aug27 0

Apple has released an emergency patch to fix a flaw in the kernel component. Reports indicate that Apple had accidentally reverted a patch previously issued for this vulnerability in May 2019. The devices which had installed updates released in June 2019 were exposed to this vulnerability again. This vulnerability was discovered by Ned Williamson of […]

Aug27 0

Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and aiding in its security. A heap buffer overflow vulnerability has been discovered in some versions of the Squid web proxy cache servers. This vulnerability is tracked as CVE-2019-12527 and could be exploited by attackers to […]

Aug21 0

What is HTTP/2 ? HTTP/2 is an updated version of the HTTP protocol and was released in 2015. After the changes in HTTP specifications in 1999, this was the next major update that was issued for HTTP. HTTP/2 is based on SPDY protocol which is used in popular products like Google Chrome , Mozilla Firefox, […]

Aug14 0

Adobe released its monthly set of security updates to address the vulnerabilities in its products. This month’s release consists of 119 vulnerabilities addressed in 8 advisories. 25 vulnerabilities are rated critical and 94 vulnerabilities are rated important. These vulnerabilities impact Adobe After Effects CC, Adobe Character Animator CC, Adobe Premiere Pro CC, Adobe Prelude CC, […]

Aug14 0

Microsoft is back with its monthly set of security updates, addressing a total of 96 vulnerabilities with 29 rated critical and 68 rated important. 36 vulnerabilities lead to remote code execution. 24 vulnerabilities can allow an attacker gain elevated privileges on your system. There are no reported zero-days this month and no publicly disclosed vulnerabilities. […]

Aug13 0

SQLite is a cross-platform relational database management system. It is known to be the most used database engine in the world. The vendor claims that there are billions of deployments of SQLite and is used by several applications like Skype, Firefox, Chrome, Safari, etc. Researchers showcased how SQL language can be used to exploit the […]

Jul24 0

ProFTPd is an open-source, cross-platform FTP server and is one among the most popular FTP servers used in Unix-like environments. It comes pre-installed with many Linux and Unix distributions and is used by a number of popular businesses and websites including SourceForge, Samba and Slackware. An improper access control vulnerability has been discovered in ProFTPD, […]

Jul24 1

Apple released a set of security updates to address vulnerabilities in its various products. About 49 vulnerabilities were identified and fixed by Apple in these security updates. Out of the 49, 44 CVEs were relevant to MacOS, while 23 CVEs were reported for iCloud, Safari, and iTunes each. And 29 flaws are considered severe and […]

Jul23 2

Exams were round the corner and I had a crucial decision to make – accept the job offers that I got through campus interviews or search for a job of my own interest. Being a part of the 1 million engineering graduates that India annually produces, I knew to find the perfect job was not […]

Jul12 0

Some facts before you read further: 1) Zoom client is installed on 4 million Mac computers worldwide. 2) Zoom client on mac can let an attacker connect you to a video call without your consent. 3) 4 million Mac users worldwide can be forcibly connected to a video call without their approval !! Zoom Client […]

Jul10 0

Microsoft released its monthly set of security updates today. 77 vulnerabilities were addressed in these updates with 15 vulnerabilities rated critical and 62 vulnerabilities rated important in severity. All the critical vulnerabilities lead to remote code execution. 51 vulnerabilities were addressed in Windows alone. Microsoft also fixed an elevation of privilege vulnerability (CVE-2019-1130) in Windows […]

Jul03 0

A critical vulnerability has been discovered recently in QEMU (Quick Emulator). Beware of the Command execution vulnerability that exists in QEMU, a hosted virtual machine monitor. It was recently discovered that the QEMU Guest agent’s command ‘guest_exec‘ has encountered a critical OS command injection vulnerability which allows any remote unauthenticated attacker to gain sensitive information, […]

Jun24 0

Privilege Escalation Vulnerabilities are a dime a dozen these days. But, what if an attacker could take control of an application which runs with the highest privileges? Then it’s an apocalypse! A flaw in an application running with administrator privileges has left millions of Dell PCs vulnerable. What is Dell SupportAssist? Dell SupportAssist is a […]

Jun24 0

A campaign targeting government organizations in Central Asia was discovered delivering a backdoor named HAWKBALL. This backdoor can collect information from the victim’s system and it can also deliver various payloads. It offers an attacker a range of malicious capabilities including examining the host, executing native Windows commands, terminating processes, creating, deleting files, uploading files, […]

Jun20 0

image credit: blogs.oracle.com Oracle has released an out-of-band security update to address a critical vulnerability in Oracle WebLogic Server. A deserialization flaw allows remote code execution and is tracked with CVE-2019-2729. This vulnerability is rated critical and is found to be exploited in-the-wild. The vulnerability exists due to a deserialization flaw in XMLDecoder in Oracle […]

Jun17 0

Exim, one of the most popular open source mail transfer agent (MTA) in Linux systems, is now being exploited by attackers all over the world. Currently, more than 3.5 million servers are at risk worldwide. The critical vulnerability which is already fixed by the vendor has still not been patched in most of the operating […]

Jun12 0

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 88 new vulnerabilities, with 21 of them rated critical, 66 are rated Important and 1 is listed as Moderate in severity. These vulnerabilities impact Servicing Stack Updates, Windows Kernel, […]

Jun11 0

Code Red! To all the Linux users out there, you have a high probability of getting your system hacked if you are using an older version of the command-line text editor. The most popular and commonly used Vim editor and it’s extension, the Neovim editor were recently found to be vulnerable to arbitrary code execution […]

Jun11 0

VLC released a minor update for Vetineri, the 3.0.x release line of VLC Media Player. This has been considered an important update as it received 33 security bug fixes. Jean-Baptiste Kempf, the president of VideoLAN non-profit org, pointed out that this release has fixed the highest number of security issues so far. The two major […]

Jun10 0

Credits : thehackernews.com Patch Tuesday is just around the corner and SandboxEscaper has continued to drop exploits one after another. A second bypass exploit, named ByeBear was brought out in the open for the already patched CVE-2019-0841. SanboxEscaper published four other zero-days including the first exploit for CVE-2019-0841. CVE-2019-0841 This is an elevation of privilege […]

May24 0

With just a week gone by after the Patch Tuesday, an anonymous researcher identified as SandboxEscaper found this to be the apt time to promulgate an exploit in Windows systems. This simple, yet efficient exploit could elevate privileges on a machine to allow modification of certain restricted files which are accessible only with administrator privileges. […]

May16 0

A new set of security vulnerabilities have put major tech giants and security researchers on the run. Just a set of software updates should be able to fix this. Isn’t it? The answer would be a yes and no. So let’s find out. The systems using Intel processors can be exploited using a set of […]

May15 0

Alpine Linux is a simple and resource efficient OS which was built based on muscl and Busybox. Due to these optimized features, Alpine Linux behaves as a great docker container. A security vulnerability has been discovered in Alpine Linux docker image(since v3.3). Alpine Linux docker image has default root credentials with an empty or null […]

May15 1

It’s Microsoft Patch Tuesday again! And this time, the security updates have addressed a total of 79 vulnerabilities with 22 rated as critical and 57 rated as important. And yet again, a little more than half of the vulnerabilities lead to Remote Code Execution. It is worthy to note that the updates addressed an actively […]

May09 0

Image Credit: threatpost.com Description: A remote code execution vulnerability exists in Microsoft SharePoint. This vulnerability, tracked as CVE-2019-0604 was reported by Markus Wulftange. This vulnerability was rated critical. However, no exploits were seen at the time of release. Now, a number of organizations reported active exploits of this vulnerability in regions of Canada and Middle […]

Apr29 0

Oracle released the quarterly critical patch updates in April 2019. And in less than a week, a zero-day was found exploiting in-the-wild. The vulnerability exists in Oracle Weblogic Server which has been targeted repeatedly due to its popularity and access to huge business sensitive information. What is the issue? A remote code execution vulnerability exists […]

Apr26 0

A Zero-day vulnerability has been discovered in Internet Explorer that can allow attackers to steal files from the Windows systems. The vulnerability resides in the way Internet Explorer processes MHT(MIME HTML web archive) files and can be easily exploited by tricking users into opening a specially crafted MHT file. MHT is a Web page archive […]

Apr22 0

While we all breathed a sigh of relief after patching our systems against the two zero-days reported in the April Patch Tuesday, news broke out that one of them was actively exploited in the wild and could allow an attacker to completely compromise your system. This is another case of win32k.sys in jeopardy. This vulnerability, […]

Apr11 0

Adobe brought out its monthly set of security updates to address the vulnerabilities in its products. This month’s release consists of 43 vulnerabilities addressed in 8 advisories. 24 CVEs are rated critical, 18 CVEs are rated important and 1 CVE is rated moderate in severity. The critical vulnerabilities all lead to Arbitrary Code Execution which […]

Apr10 0

Microsoft is back with its monthly set of security updates, addressing a total of 75 vulnerabilities with 17 rated critical and 58 rated important. More than 30 vulnerabilities can lead to Remote Code Execution. 2 CVEs are being exploited in the wild and need immediate attention. There are no CVEs which were publicly disclosed. Zero-Days […]

Mar18 0

A Critical 19 year old remote code execution vulnerability has been identified in the WinRAR which is currently being actively exploited in the wild. The vulnerability is tracked as CVE-2018-20250 and exists in the library ‘unacev2.dll‘, library used to extract the old and rarely used ACE archive format. This vulnerability allows attackers to completely take […]

Mar13 0

Microsoft is back with its monthly set of security updates and brings with it 64 vulnerabilities. 17 of them are rated critical, 45 are rated important, 1 rated moderate and another rated low in severity. 35 CVEs were reported for Windows alone, which is the highest count amongst the vulnerabilities reported for other products this […]

Feb13 0

Microsoft released its monthly set of security updates to address the vulnerabilities in its products today. The number of vulnerabilities reported each month has come up again after the dip from last October. There are 77 vulnerabilities reported with 20 CVEs rated critical and 51 CVEs rated important. These updates have addressed the issues in […]

Jan09 0

Microsoft released its monthly set of security updates to address the vulnerabilities in its products today. There are 49 vulnerabilities with 7 rated critical for Remote Code Execution , 40 rated important and 2 rated moderate in severity. These updates have addressed the issues in Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, […]

Dec28 0

Spectre and Meltdown vulnerabilities are one of the most significant known hardware vulnerabilities that affect the modern computer processors. Meltdown and Spectre vulnerabilities were exploited through malicious programs to retrieve secrets stored in the memory of other running programs, sensitive information like passwords. Both ‘Meltdown’ and ‘Spectre’ make use of a feature in the processor […]

Dec12 0

Microsoft released its monthly set of security updates to address the vulnerabilities in its products today. There are 39 vulnerabilities listed with 9 rated critical and 30 rated important in severity. These updates have addressed the issues in Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, ChakraCore, .NET Framework, etc. Zero-day attacks Two […]

Dec06 0

Image Source: wikimedia.org Apple released a set of security updates for its products this month. There are ten products which received the updates including Apple’s new brain child, MacOS Mojave which was newly launched in September. This update addresses a set of 26 vulnerabilities. And, the products listed under this update are macOS Mojave 10.14.2, […]

Nov30 0

Overview: By Default, updates for Click-To-Run installations of MS Office 2013 and 2016 are not offered by Microsoft through Windows updates, rather we need to manually update by opening an application or set to update automatically. In this article, we will explain how we can install updates manually and how we can configure the Windows […]

Nov19 0

January 2018 saw the rise of Meltdown and Spectre vulnerabilities concerning speculative execution side channels. A subclass of speculative execution side-channel vulnerability, termed as Speculative Store Bypass (SSB) was announced by Microsoft in collaboration with Google researchers, and was assigned CVE-2018-3639. While Microsoft released several updates as a fix to this vulnerability, some additional measures […]

Nov14 0

This November, Microsoft released monthly security patches covering total 63 vulnerabilities, with 12 of them rated critical, 47 are rated Important, one is rated Moderate and three are Low in Severity. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, and Microsoft Office Services and Web Apps, ChakraCore, .NET Core, Skype for Business, […]

Oct17 0

Overview: The Microsoft has re-released a patch for CVE-2017-8529 to fix a print issue related to this vulnerability. The patch is not fully applied unless certain registry keys are set even after installing the respective Operating System patches. This article describes the steps to update registry settings to be fully protected from this vulnerability. Affected OS: […]

Oct11 0

Adobe, this Tuesday as always released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 4 advisories with 16 vulnerabilities, with 4 of them rated critical, 10 are rated important and 2 as moderate in severity. These vulnerabilities impact Adobe Technical Communications Suite, Adobe Framemaker, […]

Oct10 0

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 49 new vulnerabilities, with 12 of them rated critical, 34 are rated Important, two are listed as Moderate and one as low in severity. These vulnerabilities impact Microsoft Edge, […]

Sep12 0

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 62 new vulnerabilities, with 17 of them rated critical, 43 are rated Important, one is listed as Moderate in severity. These vulnerabilities impact Microsoft Windows, Internet Explorer, Microsoft […]

Sep05 0

Saner 4.1 unveils feature-packed release for Patch Management and encompasses performance optimization in all the tools. It offers patch rollback mechanisms for various Linux and Mac operating systems and supports remediation for non-security patches too. Following are the highlights of Saner 4.1 Release: Patch Management Automation now supports security and non-security patches. A software patch […]

Aug24 0

A critical remote code execution vulnerability affecting popular web application framework Apache Struts has been discovered. The vulnerability is in the core of the application and exists due to insufficient validation of user-provided untrusted inputs under certain configurations. This vulnerability is identified by CVE-2018-11776. This Remote Code Execution vulnerability poses a huge risk as the […]

Aug16 0

Adobe, This Tuesday as always released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 4 advisories with 11 vulnerabilities , with 2 of them rated critical, 6 are rated important and 3 as moderate in severity. These vulnerabilities impact Acrobat Reader and Acrobat […]

Aug15 0

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 60 new vulnerabilities, with 20 of them rated critical, 38 are rated Important, one is listed as Moderate and one as Low in severity. These vulnerabilities impact Microsoft […]

Jul11 0

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 53 new vulnerabilities, with 18 of them rated critical, 33 are rated Important, and one is listed as Moderate in severity. These vulnerabilities impact Microsoft Windows, Internet Explorer, […]

Jul11 0

Adobe, This Tuesday as always released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 4 advisories with 112 vulnerabilities , with 78 of them rated critical, 34 are rated important in severity. These vulnerabilities impact Acrobat Reader and Acrobat products, Adobe […]

Jun22 0

Microsoft Edge and Mozilla Firefox browsers have been identified to have a severe bug that can allow remote attackers to steal the data of the users. If a user visits a malicious website, the website can steal the sensitive content of the user’s online accounts from other websites where the user have logged-in the same browser. The […]

Jun22 0

Computers are alive and talking and exchanging ideas and walking around and driving cars and writing poems but, yeah that’s a big BUT, how secure are they while moving so forward? One dropped detail in this big exploration can lead to catastrophe. The hot deal among tech giants today is a virtual private assistant, from […]

Jun19 0

When I had just joined SecPod, I had this question lingering in my mind as to what it meant to be working here. But now, I feel I can take the privilege to answer it after having worked over here for over 8 years. SecPod, an organization where our creative desires are satisfied to the fullest, […]

Jun13 0

Today Microsoft released regular monthly patches, fixing a total of 50 vulnerabilities. Among these Microsoft rated 11 as Critical and rest 39 as Important. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps. This month […]

May17 0

Adobe on Monday released security advisories for its Acrobat and Reader, and Photoshop products. These advisories address 48 vulnerabilities , with 25 of them rated critical and 23 rated important. Both the products suffer from critical vulnerabilities. In the wild Security researchers from Slovak antivirus vendor ESET bumped into an Adobe zero-day vulnerability when they discovered […]

May09 0

Today, Microsoft and Adobe have released their monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 72 new vulnerabilities and one advisory, with 22 of them rated critical, 48 are rated Important, 2 are listed as Low in severity and 3 are […]

Apr27 0

Five hours! Five hours! That’s how long it took for hackers to exploit Drupal vulnerability (CVE-2018-7602) after the patches were released. This time, instead of releasing the patches straight away, Drupal dropped a PSA(Public Service Announcement) approximately two days before releasing the updates to get the website owners and developers ready to patch out […]

Apr27 0

Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. A configured instance to host applications and resources. Oracle in October 2017 published a critical arbitrary code execution vulnerability concerning Oracle WebLogic and assigned cve CVE-2017-10271. The critical Java deserialization vulnerability in WebLogic’s ‘WLS Security’ subcomponent was the result of […]

Apr24 0

More than a million active websites use Drupal, making it the second most used content management system worldwide after WordPress. On March 28, 2018, Drupal released security patches for versions 6 to 8 suggesting to update immediately and marking the underlying vulnerability (CVE-2018-7600) as critical with remote code execution. The scanning and attacks on […]

Apr16 0

Adobe, This Tuesday as always released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 6 advisories and 19 vulnerabilities , with 6 of them rated critical, 12 are rated important and 1 as moderate in severity. These vulnerabilities impact Adobe […]

Apr11 0

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 67 new vulnerabilities and one advisory, with 24 of them rated critical, 42 are rated Important, and one is listed as Moderate in severity . These vulnerabilities impact […]

Mar22 0

Image courtesy: maketecheasier.com Need help to fix your Windows PC? Well, Windows Remote Assistance (MSRA) has a lot to offer than just help, it can get you hacked! An XXE (XML External Entity) vulnerability was found affecting all the versions of Windows till date including Windows 7, 8.1, RT 8.1 and 10. The vulnerability can […]

Mar16 0

Tech giant Adobe on March 13 released security updates patching up critical and important security holes in its Dreamweaver CC, Adobe Connect and Flash Player products. Dreamweaver CC is used for website creation, Connect is used for web meetings and Flash Player is used for executing and displaying content from a Small Web Format […]

Mar14 0

Today Microsoft released regular patches fixing a total of 75 vulnerabilities. Among these Microsoft rated 14 CVEs as Critical and rest 61 as Important. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps. This Patch Tuesday major critical […]

Mar09 0

We are unleashing our new endpoint security and systems management platform on 27th March 2018. The journey began in the year 2011 when an idea prompted by a fellow SecPod-ian created an instant excitement in me. Little did we know, that it would consume the next seven years of our life to build this technology! […]

Mar06 0

After last year’s Service Message Block (SMB) ultra-shock, this year a new denial-of-service vulnerability is discovered in SMBv3 which can be exploited to crash Windows 8.1 and Windows Server 2012 R2 machines with a single packet. This vulnerability has been assigned CVE-2018-0833. Technical Jargon: The negotiation of the SMBv3 session always starts with an […]

Feb15 0

Adobe, one of the most admired Tech firms today, released security updates patching up critical, important and moderate security holes in its Adobe Acrobat, Reader and Experience Manager products. Adobe Experience Manager (AEM) is an enterprise web content management system that facilitates organizing, managing, and delivering creative assets. Together, patches for 43 vulnerabilities were released […]

Feb14 0

This valentine’s day Microsoft released security patches addressing a total of 50 security vulnerabilities in various Microsoft products along with additional patches for the Meltdown and Spectre vulnerabilities (ADV180002), as a part of regulr patch tuesday. Among these 14 rated as Critical, 34 rated as Important and 2 rated as Moderate. These vulnerabilities impact Outlook, Edge, […]

Feb02 1

A new critical Adobe Flash Player zero-day vulnerability has been reported in the wild. The vulnerability identified as CVE-2018-4878 is currently believed to be actively being exploited against South Koreans. According to the South Korean Computer Emergency Response Team which discovered the zero-day, the zero-day is believed to be a Flash SWF file embedded in MS Word documents. An attacker just […]

Feb01 0

Oracle Micros POS is a hospitality management platform providing enterprise point-of-sale (POS) and back-office functionality to support a wide range of food and beverage operations. Oracle’s MICROS has more than 330,000 cash registers worldwide and currently, Oracle is the third-largest provider of PoS software on the market. Oracle in January 2018 as part of their quarterly patching […]

Jan25 0

Image Source: www.digitaltrends.com Apple released security updates this week, which affects macOS High Sierra, OS X El Capitan, iPhone, iPad, iPod, Apple TV and all Apple Watch models. These security updates addresses total of 17 vulnerabilities (CVE’s), Out of these 17 vulnerabilities 10 lead to arbitrary code execution. Along with security updates tech giant also […]

Jan10 0

Start of this new year, Meltdown and Spectre kept us busy. Today Microsoft released regular patches fixing a total of 23 vulnerabilities. Among these Microsoft rated one CVE as Critical, 20 as Important, one as Moderate and last one as Low. Microsoft also released 2 advisories for Adobe and Microsoft Office. Out of these 23 […]

Jan04 0

Two new critical vulnerabilities have been discovered affecting every processor since 1995, which allow malicious programs to steal information from other programs memory. These vulnerabilities are named as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Meltdown and Spectre vulnerabilities affect all processors since 1995 including AMD, ARM, and Intel. These vulnerabilities allow an attacker to access […]

Dec15 0

Image Source: mspoweruser.comMicrosoft fixed two critical remote code execution vulnerabilities, reported in ‘Microsoft Malware Protection Engine‘. Microsoft Malware Protection Engine scans files in real-time. These capabilities like scanning, detection, and cleaning are available in products like Windows Defender, Malware scanner, Microsoft Security Essentials, Microsoft Forefront Endpoint Protection, Microsoft Forefront Security for SharePoint Service, Windows Intune Endpoint […]

Dec13 0

Microsoft December 2017 Patch Tuesday addresses 32 security vulnerabilities in six of its main product categories. Among these 20 CVE’s are rated as Critical, and 12 are rated as Important. None of the Windows OS patches are rated as critical, and there are no zero days patched in this month, although Internet Explorer with 13 patched vulnerabilities (9 critical) and Edge with […]

Nov30 0

Image Source: thestack.com Intel identified eight security vulnerabilities and released security advisory last week, affecting Intel core CPU technologies Intel Management Engine (ME), Server Platform Service (SPS) and Trusted Execution Engine (TXE). These vulnerabilities allow an unauthorized process to access privileged content, attackers with local or remote admin access to the system to execute arbitrary […]

Nov29 0

A serious security flaw affecting all versions of Microsoft Office has been discovered by security researcher Lino Antonio Buono. The flaw is within the legitimate feature of Microsoft Office allowing malicious actors to create and spreads macro-based self-replicating malware. The flaw takes advantage of fact that a registry key value dictates whether external (or untrusted) macros can […]

Nov16 0

Microsoft November 2017 Patch Tuesday addresses 53 security vulnerabilities in six of it’s main product categories. Amoung these 19 CVE’s are rated as Critical, 31 are rated as Important, and 3 are moderate. None of the Windows OS patches are rated as critical, and there are no zero days patched in this month. But according […]

Nov16 0

Adobe has unleashed security patches for most of its major products in its November security updates. Security updates include products, Adobe Flash Player, Adobe Photoshop CC, Adobe InDesign, Adobe Connect, Adobe Acrobat and Reader, Adobe DNG Converter, Adobe Digital Editions, and Adobe shock player. Total of 83 vulnerabilities have been issued with patch, which includes […]

Oct30 0

A major ransomware attack named “BadRabbit” is disrupting systems across Europe. The attack has been spreading wildly. BadRabbit locks out a user from login and demands a ransom worth of ~300$ in BitCoin. Some of the countries that are targeted are Russia, Ukraine, Bulgaria, and Turkey. Russian victims were the biggest targets accounting to about 71% of […]

Oct30 0

Source: thehackernews.com Return of Coppersmith’s Attack, or ROCA for short is a cryptographic weakness in generation of RSA keys, that allows the private key of a key pair to be recovered from the public key. RSA is a public key cryptosystem widely used for secure data transmission. The vulnerability tracked as CVE-2017-15361, affects RSA key […]

Oct26 0

Introduction Security attacks and breaches happen routinely, costing companies millions of dollars, along with a decline in their reputation and the public’s trust in them. Attackers are constantly innovating on the different methods and paths to infiltrate networks and steal confidential information. Major data breaches occur because companies fail to patch critical vulnerabilities in time. […]

Oct18 0

Adobe has released a critical security patch (APSB17-32) for Adobe Flash Player. This update addresses a critical type confusion vulnerability that could lead to code execution. Windows, Macintosh and Linux operating systems are affected. This vulnerability is identified with CVE-2017-11292. A security researcher from Kaspersky Labs have uncovered this new zero-day remote code execution vulnerability […]

Oct18 0

A major new security flaw has been discovered and it affects practically every device that uses Wi-Fi. Its called KRACK (Key Reinstallation Attacks), and its very easy for attackers to decrypt and spy on anything a victim do online, which includes any passwords that a victim types or any documents sent can be seen by […]

Oct18 0

Over 5.3 billion devices across windows, Linux, ios, and android are affected with a new attack vector called BlueBorne. Unless traditional attacks, this attack vector spreads over the air via Bluetooth and hacker does not need to pair with each device. If Bluetooth is turned on, the hacker can get control of the device, spread the malware, […]

Oct13 0

Microsoft October 2017 Patch Tuesday addresses 62 security vulnerabilities in eight of it’s main product categories. Amoung these 28 CVE’s are rated as Critical, 34 are rated as Important. Microsoft addressed three publicly disclosed issues in the October 2017 Patch Tuesday update, one of them is actively exploited in the wild. The bug which is […]

Oct09 0

Apache Wicket is an open source, server side, Java web application framework and used by quite a few big sites. It is discovered that the ‘encrypted url feature‘, which is expected to protect from CSRF (Cross-Site Request Forgery) attack, but it fails to provide enough protection against CSRF attack in Apache Wicket. Encrypted URLs and stateful […]

Sep20 0

CCleaner is a system cleanup tool by Piriform, which is now owned by Avast. A suspicious activity was identified on September 12th, 2017, where an unknown IP address receiving data from software found in version 5.33.6162 of CCleaner. Later it was found that the 5.33.6162 version of CCleaner was illegally modified before it was released […]

Sep18 0

Microsoft September 2017 Patch Tuesday released total of 94 individual security updates addressing total of 84 CVE’s, in addition to the 2 vulnerabilities for Adobe Flash Player. Among these, 27 are rated as Critical, 54 are rated as Important, and 2 are rated as moderate. September Security Update includes patches for 39 vulnerabilities leading to RCE […]

Sep15 0

Adobe has released four security updates for Adobe Flash Player (APSB17-28), Adobe RoboHelp(APSB17-28), and Adobe Cold Fusion (APSB17-30) which covers a total of 8 CVE’s. Adobe Flash Player address two critical memory corruption vulnerabilities that could lead to code execution. Adobe Cold Fusion address a critical XML parsing vulnerability, an important cross-site scripting vulnerability that could lead to […]

Sep11 0

Image Credit: Threatpost A critical remote code execution vulnerability has been recently discovered in the popular Apache Struts web application framework allowing a remote attacker to execute arbitrary code on any server running an application built using the affected Struts framework and the popular REST communication plugin. This flaw is due to an unsafe deserialization (Deserialization is […]

Sep07 0

VisualDiscovery is an Adware program by SuperFish.inc. VisualDiscovery was able to access consumer’s personal information sent online, including login credentials, social security numbers, medical information, and financial information. VisualDiscovery Adware comes bundled with many free software’s that are available over the internet. Between 2014 to 2015 VisualDiscovery came as a pre installed software on […]

Aug30 0

Foxit reader is prone to two remote code execution zero day vulnerabilities, which are found by Steven Seeley (mr_me) and Ariele Caltabiano (kimiya). Both vulnerabilities are due to the lack of proper validation of user-supplied data, which can lead to writing arbitrary files into attacker controlled locations and also launching of any executable files. User interaction is […]

Aug23 1

Image Source: pcworld Ever wonder why your system running slower than usual, and how those annoying random messages pop-up? or the newly added extensions in your browser, which you never used. The browser can’t load pages, internet connectivity is one thing but your computer is always slow. Those crashes that happen every now and then, […]

Aug18 0

SMBLoris is a remote, unauthenticated application-level denial of service (DoS) attack against Microsoft Windows operating systems. It is caused by a very old memory-handling bug in the Server Message Block (SMB) network protocol implementation. The vulnerability lies in the way SMB packets are processed and memory is allocated. It was discovered by two RiskSense security researchers — Sean […]

Aug11 0

Microsoft August 2017 Patch Tuesday addresses 48 security vulnerabilities in six of it’s main product categories. Amoung these 25 CVE’s are rated as Critical, 21 are rated as Important and 2 are rated as Moderate. More than two dozen remote code execution vulnerabilities are addressed in August 2017 security update. Among these security vulnerabilities, two […]

Aug10 0

Adobe has released four security updates for Adobe Flash Player (APSB17-23), Adobe Experience Manager (APSB17-26), Adobe Acrobat and Reader (APSB17-24) and Adobe Digital Editions (APSB17-27) which covers a total of 80 CVE’s. Adobe Flash Player address a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could […]

Jul26 Comments Off

Oracle has released 308 security updates as part of the quarterly patch release cycle. The Oracle Critical Patch Update – July 2017 provides fixes for a wide range of product families including Oracle Database Server, Oracle BI Publisher, Oracle Business Intelligence Enterprise Edition, Oracle Endeca Server, Oracle Fusion Middleware, Oracle Outside In Technology, Oracle WebLogic […]

Jul14 Comments Off

Microsoft July 2017 Patch Tuesday addresses 51 security vulnerabilities in addition to 3 vulnerabilities for Adobe Flash Player. 19 vulnerabilities are rated as Critical, 32 are rated as Important and 3 are rated as Moderate. 12 Critical vulnerabilities affect Microsoft Scripting Engine which can result in Remote Code Execution. The other critical vulnerabilities affect Internet Explorer, Edge, and Windows. […]

Jul13 Comments Off

Adobe has released two security updates for Adobe Flash Player (APSB17-21) and Adobe Connect (APSB17-22) which covers a total of 6 CVEs. Adobe Flash Player addresses a critical vulnerability that could potentially allow an attacker to execute arbitrary code and resolves two important vulnerabilities that could lead to Information disclosure and Memory address disclosure. Adobe Connect addresses two […]

Jul03 0

As stated in the IoT Ransomware Attacks – Part 1 IoT ransomware is not just holding your data hostage, it can lead to denial of service until the demanded ransom is payed to the hackers, which is quiet a big market for hackers to see money. There will be greater threat for all industries using […]

Jun28 0

Yet another large scale widespread ransomware attack immobilized many organizations around the world. Last month we had seen the infamous WannaCry taking over the world by affecting more than 3 million computers in over 150 countries, with the UK’s national health service, and German state railways among those hardest hit. This time it is Petya(NotPetya, Petna, or SortaPetya), […]

Jun28 0

Saner 3.0 provides new administrative controls, consolidated reports across all clients, additional endpoint probes, scaling/performance improvements, and a variety of usability enhancements. Saner 3.0 Role-based Access Control New Features: Multiple User Roles are classified as Administrators, Account Administrators, Super Users, Normal Users, Server Administrators. Administrators can create multiple account administrators to delegate management of client/site accounts. Similarly, […]

Jun21 0

Ransomware has already managed to carve itself a slot as one of the main cyber security threats in recent years. Individuals, government agencies, and private organizations are each taking precautionary steps to protect against ransomware that can encrypt files beyond one’s reach. What we’re ignoring though is the next wave of ransomware attacks which will […]

Jun20 0

Microsoft June 2017 Patch Tuesday addressing 97 security vulnerabilities including fixing two critical vulnerabilities Windows Search Remote Code Execution (CVE-2017-8543) and LNK Remote Code Execution (CVE-2017-8464), are being actively exploited in the wild. The most dangerous vulnerability exists in Windows Search Service (WSS), a feature in Windows that allows users to search across multiple Windows […]

Jun16 0

Adobe has released three security updates for Adobe Flash Player (APSB17-17), Adobe Shockwave Player (APSB17-18), Adobe Captivate (APSB17-19) and Adobe Digital Editions (APSB17-20) which covers a total of 20 CVEs. Adobe Flash Player address critical vulnerabilities that could potentially allow an attacker to take control of the affected system, Digital Editions resolves few critical and important vulnerabilities that […]

Jun13 0

There may be a possible ‘second wave’ of massive global cyber attack, as SMB (Server Message Block) was not the only network protocol whose zero-day exploits created by NSA were exposed in the Shadow Brokers release. The WannaCry emergency cannot be ended because the NSA Tools leaked by the Shadow Brokers team included many other dangerous […]

Jun01 0

In the first week of April 2017, an unknown hacking group called Shadow Brokers leaked an exploitation framework referred as the FuzzBunch, from the Equation Group (one of the most sophisticated attack groups in the world and widely suspected of being tied to the United States National Security Agency (NSA)). This framework consisted of several unauthenticated […]

May26 0

A 7-year-old Critical Remote Code Execution vulnerability has been found in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines. Samba is the defacto standard for providing Windows-based file and print services on Unix and Linux systems. Many systems run Samba and it is usually […]

May23 0

The blackhats have created a new strain of malware that targets the same vulnerability as the WannaCry ransomware from the first week of May. The Malware is called as EternalRocks, which uses the same flaw in Microsoft’s SMB networking protocol to infect other Windows systems that haven’t yet been patched with MS17-010. However, this new […]

May23 0

Apple fixed 141 vulnerabilities across multiple products including macOS Sierra, iOS, watchOS, tvOS, iCloud, Safari, and iTunes. Most of the vulnerabilities exist in some instances with root privileges (41 in iOS 41, 37 in macOS Sierra, 23 in tvOS and 12 in watchOS) and could lead to arbitrary code execution. Apple also fixed 26 vulnerabilities in Safari browser, which could lead to […]

May17 0

In the last few days, we saw how “WannaCry” ransomware crippled 3 million Windows systems around 150 countries. To understand the technical details on “WannaCry”, read our previous blog. Source: securelist.comHow to protect against “WannaCry”: There are two methods, 1. Solution: Fix the vulnerability by applying patch mentioned in MS17-010 (Recommended) 2. Workaround: Disable SMBv1 Read “Protecting Against […]

May15 0

WannaCry (also known as Wana Decrypt0r 2.0, Wannacryptor, WannaCrypt, wana Decryptor) ransomware disrupts 2-3 millions of devices around 150 countries, taking important files as a hostage and demanding a ransom of $600 worth of bitcoins. The ransomware is found to be using the old SMB vulnerability (MS17-010 released in April 2017) to spread across devices. There was no second doubt […]

May15 0

Strbleed is a critical flaw in the implementation of Simple Network Management Protocol (SNMP). It leads to access-control bypass, possibly involving an ISP customization in some cases. The authentication bypass vulnerability affects several IoT devices, which can be exploited by attackers by sending random values in specific requests. The vulnerability is tracked as CVE 2017-5135. SNMP […]

May15 0

The Magic Button There is a magic button that is going to save us all. Mathematical modeling, sandboxing, behavioral analysis, machine learning, EDR, what not button. Just click it. Patching vulnerability is gone thing, who is going to sit and roll out those tedious little things. I have invested in magic button. Why should we […]

May12 0

Microsoft May 2017 Patch Tuesday addressing 56 security vulnerabilities in addition to 7 vulnerabilities for Adobe Flash Player. The May security release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps NET Framework Adobe Flash Player Three Windows Zero-day vulnerabilities have […]

May12 0

Adobe has released two security updates for Adobe Flash Player, and Adobe Experience Manager Forms. The updates addresses a critical vulnerability in Adobe Flash Player and an important vulnerability in Adobe Experience Manager Forms. The security update covers a total of 8 CVE’s. These flaws allow attackers to take complete control of the system. The Linux and Mac operating systems […]

May03 0

Over the past few years, enterprises have been hit by complex and advanced ransomware attacks. With a heroic entry, they came and conquered many. Enterprises have seen their most important data locked in the hands of criminals expecting a ransom for their illegal activity. When they left, they also took with them the enterprise’s money, […]

Apr28 Comments Off

Oracle has released 300 security updates as part of the quarterly patch release cycle. The Oracle Critical Patch Update – April 2017 provides fixes for: Database Server, Oracle Secure Backup, Oracle Berkeley DB, Oracle API Gateway, Oracle Fusion Middleware Products, Enterprise Manager Base Platform, Oracle E-Business Suite, Oracle Transportation Manager, PeopleSoft Applications, JD Edwards EnterpriseOne […]

Apr18 0

In the third and final part of this series, we will explore Cerber, the most devious ransomware, and its behavior. Red Cerber: The campaign of Red Cerber started in early 2017 after a small break. Developers of Cerber came up with a new and deadly version which had some improvements in its behavior. It noticeably changes […]

Apr10 0

Let’s continue from where we left off last week, and will go through the behavior patterns of the next versions of the Cerber Ransomware. Cerber3.0: Cerber3.0 RIG-V exploit kit is an updated version of Cerber2.0. After the release of Cerber2, security vendors released some decryptors to decrypt the files that were encrypted by the ransomware. […]

Apr05 0

Breaches continue to occur regardless of existing tools. In Feb 2017, a hack compromised the account details of more than 2.5 million PlayStation and Xbox users. The data breach happened in 2015 but was only found out this year. Lack of visibility and endpoint security controls contributes to security breaches and financial loss. A combination […]

Apr03 0

Cerber is a pernicious ransomware and one of the top 3 ransomware in the world. Cerber has been growing exponentially since early march of 2016. The notorious ransomware is now in its 5th version as the developers of the ransomware have been continuously improving their code to avoid end point security counter-measure. So far we […]

Mar28 Comments Off

Image Credit: Cybellum A 15-year-old Microsoft Windows Zero-Day vulnerability, dubbed as DoubleAgent, has been discovered. It could allow anyone to take full control of the system. It is a new code injection technique that works on all the versions of Microsoft Windows Operating Systems, even on the latest release of Windows 10. It can exploit […]

Mar17 0

Microsoft March 2017 Patch Tuesday brings 18 Security bulletins addressing 139 security vulnerabilities in addition to 7 vulnerabilities for Adobe Flash Player. Nine bulletins are rated as Critical, nine are rated as Important. The Nine Critical bulletins are as follows: MS17-006 for Internet Explorer browser covers 12 CVE’s MS17-007 for Microsoft Edge covers 32 CVE’s MS17-008 […]

Mar17 0

Adobe has released a critical security patch for Adobe Flash Player. The patch addresses seven (7) flaws including multiple code execution vulnerabilities. These flaws allow attackers to take complete control of the systems. The Linux and Mac operating systems are affected apart from Windows. Here are the details of the 7 vulnerabilities patched in APSB17-07 update: A […]

Mar13 0

The Model-View-Framework Apache Struts2, an open source and free framework for simplifying the creation of web applications in Java has been recently patched to mitigate a zero day vulnerability. Apache Struts2 is been affected with a new vulnerability which is being actively exploited in the wild. The vulnerability is a possible Remote Code Execution which […]

Mar10 0

Secure Hash Algorithm 1 or SHA-1 is a cryptographic hash function designed by the National Security Agency to be part of Digital Signature Algorithm. A hash function is a method to map an arbitrary set of data to data of fixed size called hashes or digests. And the hashing is used for digital signatures, one […]

Feb21 0

(Image source: WordPress ) WordPress the easiest, one of the most powerful blogging and website content management system has silently fixed a dangerous vulnerability in WordPress REST API Endpoint which was recently added to WordPress version 4.7.0 and enabled by default. The REST API has been affected by an unauthenticated privilege escalation vulnerability, that could possibly lead to […]

Feb20 0

A new zero-day exploit exists in the wild for Windows SMB. Security researcher Gaffie discovered this vulnerability three months ago. Since Microsoft failed to patch it in the past three months, he released it. This vulnerability is specifically a null pointer dereference error in SMB (server message block) which allows a remote, unauthenticated attacker to cause […]

Feb16 0

Adobe has released three security updates for Adobe Flash Player (APSB17-04), Adobe Digital Editions (APSB17-05), and Adobe Campaign (APSB17-06) which covers a total of 24 CVEs. These updates for Adobe Flash Player address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. For Digital Editions it resolves a critical heap buffer overflow vulnerability that could lead to […]

Jan12 0

Adobe has released two critical security updates for Adobe Acrobat and Reader (APSB17-01) and Adobe Flash Player (APSB17-02) which covers a total of 42 CVEs. The security update for Adobe Acrobat and Reader resolve use-after-free, type confusion, heap buffer overflow, buffer overflow, memory corruption, and security bypass vulnerabilities that could lead to code execution. The security updates […]

Jan11 0

Microsoft January 2017 Patch Tuesday brings 4 Security bulletins addressing 16 Vulnerabilities. One bulletin is rated as Critical and three are rated as Important. The critical bulletin MS17-003 for Adobe Flash Player covering 13 CVE’s. Critical vulnerabilities allow remote attackers to perform Remote Code Execution and Information Disclosure. The other bulletins which are marked as important […]

Jan06 0

Ransomware was a popular topic in 2016. Ransomware attacks have become complex, targeted, and sophisticated. Many organizations infected with ransomware have lost a huge amount of money to get back their data from attackers. In 2016, new ransomware and new variants of old ransomware showed up. This infographic shows some of the worst ransomware of […]

Jan05 0

Saner Solution 2.3 provides many new features and capabilities, including full support for Mac OS X systems. The Saner solution protects endpoints on all three major operating systems, Microsoft Windows, Mac OS X, and all flavours of Linux. Image courtesy: Rini @SecPod Enhancements Complete feature integration of the Saner solution with Mac OS X operating […]

Jan03 0

Privilege escalation is the method of exploiting a bug, design flaw or configuration issues in an operating system or software application to gain access to resources that are restricted to be used by other users. An independent researcher Dawid Golunski exposed a privilege escalation vulnerability (CVE-2016-5616/CVE-2016-6663) present in MySQL, MariaDB and PerconaDB databases. This issue […]

Dec16 0

Microsoft December 2016 Patch Tuesday brings 12 Security bulletins addressing 62 Vulnerabilities. Six bulletins are rated as Critical and remaining six are rated as Important. This month high priority fixes are for Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player which addresses 50 vulnerabilities out of 62 vulnerabilities. The Six Critical bulletins are as follows: […]

Dec16 0

Adobe has released four critical security updates for Adobe Animate (APSB16-38), Adobe Flash Player (APSB16-39), Adobe DNG Converter (APSB16-41), Adobe InDesign (APSB16-43) and five important security updates for Adobe Experience Manager (AEM) Forms (APSB16-40), Adobe Experience Manager (APSB16-42), Adobe ColdFusion Builder (APSB16-44), Adobe Digital Editions (APSB16-45), and Adobe RoboHelp (APSB16-46) which covers a total of 30 CVEs. The security update for Adobe Animate, Adobe […]

Dec13 0

A new massive threat is making its rounds in the security world. A tricky yet nasty piece of ransomware called Fantom. Many organizations are being infected with this ransomware. But luckily, there are definite ways to evade it and also ways to mitigate the damage without letting the troublemakers win. Fantom ransomware is a devious […]

Dec12 0

Linux distributions are one of the most popular and commonly used operating systems. All Linux distributions including Debian, Ubuntu, Fedora, Red Hat Enterprise Linux (RHEL), and SUSE Linux Enterprise Server (SLES) suffer from a serious authentication bypass vulnerability which can allow anyone to bypass authentication and gain complete access to the system within just 70 seconds. This vulnerability is […]

Nov15 0

Weak Password: Access Granted The world saw two major hacks recently – Yahoo and LinkedIn. While LinkedIn compromised 117 million passwords, Yahoo compromised 200 million passwords. People tend to reuse their passwords. Thus, hackers are more likely to gain access to people’s email and bank accounts. Password security is one of the fundamental practices of […]

Nov15 0

USB Scam: An Unsuspicious Attack in Action Security researchers Karsten Nohl and Jakob Lell at the Black Hat security conference demonstrated how the security of USB devices has been destroyed and how it’s possible to infect any USB device using a hidden or unknown malware. They used the malware which they created called the BadUSB […]

Nov11 0

Adobe has released one critical security update for Adobe Flash Player (APSB16-37) and one security update for Adobe Connect (APSB16-35). The security updates for Adobe Flash Player resolves critical vulnerabilities that allow attackers to execute arbitrary code and take control of the affected systems. The security updates for the Adobe Connect resolves an input validation […]

Nov11 0

Microsoft November 2016 Patch Tuesday brings 14 Security bulletins addressing 75 Vulnerabilities. Six bulletins are rated as Critical, eight are rated as Important. The Six Critical bulletins are as follows: MS16-129 for Microsoft’s Edge browser covers 17 CVE’s MS16-130 for Microsoft Windows covers 3 CVE’s MS16-131 for Microsoft Video Control covers 1 CVE’s MS16-132 for […]

Nov08 0

Google has disclosed a Windows zero-day vulnerability in the Windows kernel that is currently being exploited in the wild by Black hats. This was disclosed after Microsoft failed to release a patch within the 7-day deadline. CVE-2016-7855 is a local privilege escalation vulnerability in the Windows kernel that can be used as a security sandbox escape. “[The vulnerability] […]

Nov08 0

Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel, which allows an unprivileged local user to gain write access to otherwise read-only memory mappings, and thus increases their privileges on the system. The vulnerability is nicknamed Dirty COW because the issue is caused by a race condition in the way kernel handles […]

Oct26 0

Ransomware continues to be popular among cyber criminals. According to a CNN report, cyber criminals collected over $209 million in the first three months of 2016. Ransomware exploits vulnerabilities, misconfigurations, and social engineering. Our most loved whitepaper Ransomware a Billion Dollars a Year Cyber Crime covers ransomware variants and how these variants exploit endpoints. The […]

Oct25 0

The Dangers of Drive-By Download Attack Drive-by-downloads are harmful pieces of software that are downloaded to an endpoint device as a result of visiting a compromised web page or an HTML-based email that links to a website. This attack occurs without the consent or knowledge of the user. Users mainly become a victim to the […]

Oct19 0

The Great Perils of FPhishing Every year, many organizations fall victim to phishing attacks. Tens of millions of phishing emails make it to your inbox and are clicked and opened. A recent study by the Anti-Phishing Working Group (APWG) has revealed just how much we have been victim to phishing over the years. The study […]

Oct13 0

Adobe has released two critical security updates for Adobe Flash Player (APSB16-32), Adobe Acrobat and Reader (APSB16-33) and one security update for Adobe Creative Cloud Desktop Application (APSB16-34). The security updates for Adobe Flash Player, Adobe Acrobat and Reader resolves critical vulnerabilities that allow attackers to take control of the affected systems. The security updates […]

Oct13 0

Microsoft October 2016 Patch Tuesday brings 10 Security bulletins addressing 37 Vulnerabilities. Six bulletins are rated as Critical, three are rated as Important and one is rated as Moderate. Six Critical bulletins are, MS16-118 for Internet Explorer cover 11 CVE’s, MS16-119 for Microsoft Edge cover 13 CVE’s, MS16-120 for Microsoft Graphics cover 7 CVE’s, MS16-121 for […]

Sep15 0

Adobe has released three security updates for Adobe AIR SDK & Compiler (APSB16-31), Adobe Flash Player (APSB16-29), and Adobe Digital Editions (APSB16-28) which covers a total of 35 CVEs . The security update resolves a critical vulnerability for Adobe Flash Player and for AIR it resolves a remote security vulnerability that could potentially allow an attacker to take control of the […]

Sep15 0

Microsoft September 2016 Patch Tuesday brings 14 Security Bulletins addressing a total of 50 vulnerabilities. Seven Security Bulletins are rated as Critical and Seven are rated as Important. This month Seven bulletins are rated as Critical : MS16-104 for Internet Explorer, MS16-105 for Microsoft Edge, MS16-106 for Microsoft Graphics Component, MS16-107 for Microsoft Office, MS16-108 for […]

Sep01 0

The main highlight of this release is the extension of our features to various Linux flavors such as CentOS, RHEL, Amazon Linux, Fedora, Ubuntu and other Debian and RPM based systems. Image courtesy: Rini Thomas @ SecPod What’s New in Release? Real-time analysis of Linux-based systems through an enormous list of queries such as System control settings, Processes, Services, […]

Aug24 0

OpenSSH is a free suite of connectivity tool aka OpenBSD Secure Shell, which provides secure encryption for both remote login and file transfer between two hosts over a network. CVE-2016-6515 (Denial of Service Vulnerability) It has been discovered that OpenSSH server incorrectly handles password hashing while authenticating non-existing users. In OpenSSH versions prior to 7.3, the ‘auth_password’ function in ‘auth_passwd.c’ script, […]

Aug18 0

One of the major and serious threats on the internet today is malicious software, often referred to as a Malware. Malware, short form of malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising. The malware being designed by attackers are polymorphic and […]

Aug12 0

This month Adobe has released important security update only for Adobe Experience Manager (APSB16-27). The security update for Adobe Experience Manager resolves important input validation issues that could be used in cross-site scripting attacks, an important vulnerability in backup functionality that could lead to information disclosure, and an important vulnerability that could disclose audit log […]

Aug11 0

Microsoft August 2016 Patch Tuesday brings 9 Security Bulletins addressing a total of 34 vulnerabilities. Five Security Bulletins are rated as Critical and remaining Four are rated as Important. This month high priority fixes are for Internet Explorer, Microsoft Edge, Microsoft Graphics Component, Microsoft Office, and Microsoft Windows PDF Library which addresses 28 vulnerabilities out of 34 […]

Jul26 0

Understanding Saner Solution Saner Solution consists of three components namely- Ancor, Viser, and End-point Agents. Ancor is the Analytics and Correlation Engine that forms the core of the solution. Viser is the visibility portion of Saner Solution with which security administrators can monitor the security posture of an enterprise and also react/respond to security incidents […]

Jul21 0

What would it be like if an Endpoint and Saner communicated? Endpoint: Someone entered? Saner: Hello Endpoint! I am Saner Version 2.1, Family Supported- Linux, Mac and Windows. Endpoint: Welcome Saner. I am Endpoint (hostname), alias 192.168.1.X (IP address), A2:B1:C4:A3:B2:C1 (Mac address), Processor X, RAM 8GB and Storage 500GB Endpoint: Welcome to my world […]

Jul14 0

Adobe has released critical security updates for Adobe Flash Player (APSB16-25), Adobe Acrobat and Reader (APSB16-26) and Adobe XMP Toolkit for Java (APSB16-24). The security updates for Adobe Flash Player, Adobe Acrobat and Reader resolves critical vulnerabilities that allows an attacker to take control of the affected system. The security updates for the Adobe XMP […]

Jun20 0

ImageMagick is an open-source software suite which can be used to create, edit and display bitmap images, either from the command line or using a graphical interface. It can read, convert and write images in a large variety of formats including PNG, JPEG, JPEG-2000, GIF, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Various effects […]

Jun16 0

Adobe has released critical security updates for Adobe Flash Player(APSB16-18), Adobe DNG SDK(APSB16-19), Adobe Brackets(APSB16-20), Adobe Creative Cloud Desktop Application(APSB16-21), ClouFusion (APSB16-22), Adobe AIR(APSB16-23) and with Adobe Flash Player(APSA16-03) Advisory. The security updates for Adobe DNG Software development Kit (SDK) resolves a memory corruption vulnerability. The security updates for Adobe Flash Player resolves critical vulnerabilities that could potentially allow […]

Jun16 0

Microsoft June 2016 Patch Tuesday brings 17 Security Bulletins addressing a total of 82 vulnerabilities. Six are rated as Critical and remaining Eleven are rated as Important. This month high priority fixes are for Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player and Microsoft Windows DNS Server which addresses 60 vulnerabilities out of 82 vulnerabilities. This month […]

Jun01 1

A new vulnerability has been discovered by Ben Hayak, researcher at Trustwave, at Black Hat Europe in Amsterdam, that can gain access into your private cloud and steal information like private photos, video albums etc. just by clicking on a malicious link. This attack happens before the user realizes that something is going wrong. Yes, that means the application […]

May31 0

SecPod Saner 2.1 provides exciting new features and bug fixes. Features include much more robust reporting, automated alerts, threat visualization and co-branding support for managed service providers. Administrators have a refurbished dashboard, which is fast and convenient. Quick links on the dashboard help search deeper into endpoint data. Remediation based on rules delineates status of […]

May31 0

May24 0

Today’s sophisticated and complex malware targets all industries, and healthcare industry is becoming a popular choice amongst attackers. Healthcare organizations should have another look at their cyber security structure around endpoint devices like laptops, tablets, desktops, smartphones, patient control and monitoring devices. A recent survey on healthcare security with respondents comprising healthcare organizations stated that […]

May13 0

Advanced Persistent Threat (APT) is a network attack in which an attacker chooses a particular target, uses social engineering and advanced technologies to break into a network. Until the attack is successfully executed, they focus on that particular target for weeks, months, and years. Once inside a network, the objective of the attacker is to lay […]

May12 0

Microsoft May 2016 Patch Tuesday brings 16 Security Bulletins addressing a total of 37 vulnerabilities. Eight are rated as Critical and remaining eight are rated as Important. This month high priority fixes are for Internet Explorer, Microsoft Edge and Microsoft Graphics Component which addresses 14 vulnerabilities out of 37 vulnerabilities. This month eight bulletins are rated as Critical: […]

May12 0

Adobe has released critical security updates and hotfixes for ColdFusion, Adobe Flash player, Adobe Acrobat and Reader, which covers a total of 136 CVEs. The security hotfixes for ColdFusion resolves a critical vulnerability on all platforms. The security updates for Adobe Acrobat and Reader resolves a critical vulnerability on Windows and Macintosh, whereas for Adobe Flash player […]

May03 0

Patch fatigue is a term that’s buzzing amongst IT managers due to the devastating number of patches enterprises need to keep their environment safe and updated. 2016 IBM Security Report covered 18 years of patches with over 100,000 known vulnerabilities. Though only a few of these vulnerabilities affect each device in a network at any […]

May02 0

A new ransomware has risen. Known as Jigsaw Ransomware, it is named after the iconic character that appears in the ransomware note. Jigsaw ransomware will encrypt the files and ask victims to pay a ransom of 150 USD worth of Bitcoins or .4 BTC. If the victim takes a long time to pay the ransom, […]

Apr29 0

DROWN (Decrypting RSA with Obsolete and Weakened Encryption): OpenSSL is an open source application which contains implementation of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols. libcrypto and libssl are 2 primary libraries of OpenSSL. Libcrypto library is used for general-purpose cryptography, libssl provides SSL and TLS protocol support and depends on libcrypto. […]

Apr27 0

PowerWare, a new ransomware has been detected, which leverages Windows PowerShell to-do the work. The ransomware targets enterprises using Microsoft Word and PowerShell. PowerShell is the scripting language intrinsic to Microsoft operating systems. This ransomware mainly targets healthcare organizations. The dubbed PowerWare ransomware is being circulated through a common attack method, phishing emails containing Word […]

Apr19 0

Strengthening resilience to attacks is the emphasis for security professionals nowadays. Though defenders are inventing technologies and tactics that are emerging in sophistication, enemies are not behind either. Criminals are well funded and they use a mishmash of progressed technologies and strategies to dodge detection. Security professionals will always do their best to block attacks […]

Apr14 0

Ransomware has been continuously evading the security industry. And now they have hit the Mac world too. Mac OS X was hit recently with ransomware for the very first time and it’s the first malware which is digitally signed with a valid Mac Developer ID and distributed via software update. What Hit the Mac? KeRanger […]

Apr14 0

Adobe has released critical security updates for RoboHelp server 9, Creative Cloud desktop application, and Flash Player, which covers a total of 26 CVE’s. The security hotfix for RoboHelp Server 9 for Windows resolves a critical vulnerability. The security update for the Creative Cloud Desktop Application for Windows and Macintosh resolves an important vulnerability. This security patch addresses the […]

Apr14 0

Microsoft April 2016 Patch Tuesday brings 13 security bulletins including one bulletin for Adobe Flash Player, addressing a total of 29 vulnerabilities. Microsoft also addresses a crucial Zero-Day vulnerability, popularly known as Badlock, in SAM and LSAD Remote Protocols CVE-2016-0128 which allows elevation of privileges. This month high priority fix are for Internet Explorer and Microsoft Edge which together addresses 11 out of 29 vulnerabilities. This month 6 bulletins are rated […]

Mar30 0

Data breach responders work to recognize the source of the breach, use knowledge and technique to prevent/ fix a breach. But the data breach analogy ends there. A data breach responder cannot assure that another breach will not happen, as the possibility of the occurrence of a breach exists. Data breaches do not describe victim […]

Mar30 0

The new version of the PCI Data Security Standard is expected to be released by the PCI Security Standards Council by April. PCI DSS 3.2 will be the only release for the year 2016 and will be the final update to the standard. The council wants to make an early release of the updated version […]

Mar29 0

It is ideally after a post attack scenario when the blame game starts as to who is to be held responsible. Attacks sometimes serves as a reminder for organizations to focus on security needs rather than considering it an integral part, which is the typical mindset of business managers. The increase in cyber-attacks in the […]

Mar29 0

Oracle has released an emergency security update for Java SE running in desktop web browsers. Advisory addresses an unspecified vulnerability(CVE-2016-0636) which can be remotely exploited without authentication, may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will […]

Mar24 0

A critical vulnerability has been found in Samba which affects all Windows platforms, termed as badlock. It will be patched on April 12, 2016. Samba is an open source implementation of the SMB/CIFS network protocol, which runs on non-windows operating systems like Unix, IBM System 390, Linux, OpenVMS and other operating systems and allows them to […]

Mar22 0

According to a recent survey that included approximately 480 IT professionals, effective patch management was considered to be the easiest way of enhancing IT risk management. However, organizations are still getting it wrong. Patch weariness was considered to have only a small impact on the industry, but is in fact affecting a wide range of organizations. The […]

Mar22 0

World is huMONGOous and so is the amount of data that we possess in it. The above line explains where did the word ‘Mongo’ originate from and why do we need MongoDB. MongoDB is a cross-platform document-oriented database. Document databases pair each key with a complex data structure known as a document. Documents can contain many […]

Mar14 0

Partnerships and strategic alliances between technology vendors and Managed Service Providers (MSP) drive sales and bring success to technology firms and their partners. MSPs have played a significant role in taking a vendor’s product or service to the customers. Though these partnerships look like a win-win situation, not all the partnerships yield the right results. […]

Mar09 0

Multi-tenancy refers to the mode of operation wherein a single instance of a software application attends to multiple tenants. Each client is called a tenant. They may represent enterprises that gained access to the multi-tenant application or the multiple applications competing for intrinsic resources. Tenants are permitted to customize certain parts of the application such […]

Mar03 0

Feb18 0

A critical security flaw has been reported in GNU C Library. The bug discovered in glibc has been present since 2008. A huge amount of Linux software can be hijacked by miscreants from the other side of the internet. The GNU C Library (glibc) is an essential component of Linux distributions. The researchers at Google and Red Hat […]

Feb12 0

Adobe has released critical security updates for Experience Manager, Connect, Flash Player, Photoshop CC and Bridge CC. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. The Linux and Mac operating systems are affected apart from Windows. Here are the details of 4 Critical Security Updates: APSB16-05 (Adobe […]

Feb10 0

Microsoft February 2016 Patch Tuesday bring 13 Security Bulletins, which is addressing 37 vulnerabilities. Six are rated as Critical and 7 are Important. Following six bulletins are rated as Critical, MS16-009 for Internet Explorer. MS16-011 for Microsoft Edge. MS16-012 for Windows PDF Library. MS16-013 for Windows Journal. MS16-015 for Microsoft Office and MS16-022 for Adobe Flash Player. Microsoft security bulletin summary for February 2016 in order of severity […]

Feb08 0

AUGMENTED REALITY Augmented Reality is a sort of virtual reality that aims to duplicate the actual world’s environment in a computer. An augmented reality system creates a composite view for the user that is the combination of the real scene viewed by the user and a virtual scene produced by the computer that enhances […]

Feb08 0

Corporate Espionage is the practice of stealing and unauthorized revealing of corporate data to other companies, government or individuals. Competitor companies, individuals tracing information for their own financial profit are mainly involved in corporate espionage. Employees fail to build a lasting and loyal rapport with their employers and thus steal information. But unsatisfied employees aren’t the […]

Feb03 0

CVE-2016-0728 is the latest zero-day flaw discovered in linux kernel which affects millions of users across the world. The vulnerability has been there since several years and was discovered only recently. This flaw exists in all the linux kernel versions 3.8 and later. CVE-2016-0728 is basically a memory-leak vulnerability, where the flaw exists within the […]

Feb01 1

As a firm grows, it’s important to adopt more stringent security measures to protect its business from unwanted threats, risks, and unauthorized activities. After looking into various practical applications and procedures, businesses implement best practices for the smooth running of their operations. Employ In-depth protection strategies Draw attention to numerous, overlapping and reciprocally supportive defensive […]

Jan22 0

The increased cost and complexity of securing the business IT infrastructure has opened the door for managed security service providers (MSSPs). In particular, small and medium businesses (SMBs) generally don’t have the security experience or resources to adequately protect their business from today’s security threats. The days of simply configuring firewalls and deploying anti-virus software […]

Jan13 0

Small and medium size businesses mainly known as SMBs are focused towards growing. Spending on security software is not one of their priorities. But just like every other business, protection of their data and systems are equally important. The perception that since the business is small all they’ll require is an anti-virus, is not right. […]

Jan11 0

2016 Security Predictions Every cyber experience that we encounter, be it success or failure is a learning lesson. A learning lesson to be precautious and a lesson as to what to expect in the future. Let’s take a look back at the year 2015 to get an insight about the forthcoming period. What we […]

Dec30 0

Dec29 0

5 Endpoint Security Myths Protecting a central corporate network when it is being accessed through various endpoints such as mobile devices, laptops, computers etc. is known as Endpoint Security. Superstitions and myths related to many things have been going on for generations. So how can we leave behind myths on endpoint security? Here are some […]

Dec29 0

Adobe released critical security patch for Adobe Flash Player. The patch address Nineteen (19) flaws including multiple zero day vulnerabilities and CVE-2015-8561 is being actively exploited in the wild.These flaws allows attackers to take complete control of the systems remotely. The Linux and Mac operating systems are affected apart from Windows. Here are the details of the 19 […]

Dec14 0

Microsoft December 2015 Patch Tuesday bring 12 security bulletins which is addressing 71 vulnerabilities. Eight are rated Critical and 4 are Important. Eight Bulletins are rated as Critical , MS15-124 for Internet Explorer. MS15-125 for Edge. MS15-126 for JScript and VBScript. MS15-127 for Windows DNS. MS15-128 for Graphics Component. MS15-129 for Silverlight. MS15-130 for Uniscribe and MS15-131 for Office. Microsoft security bulletin summary for December 2015 in order of severity MS15-124 : Vulnerabilities in Internet Explorer (3116180) Severity […]

Oct14 0

Microsoft October 2015 Patch Tuesday bring six security bulletins which is addressing 33 vulnerabilities. Three are rated Critical and 3 are Important. Three Bulletins are rated as Critical , MS15-106 for Internet Explorer. MS15-108 for JScript and VBScript and MS15-109 for Windows Shell. Microsoft security bulletin summary for October 2015 in order of severity MS15-106 : Vulnerabilities in Internet Explorer (3096441) Severity Rating: Critical Affected Software: Internet […]

Sep10 0

Microsoft September 2015 Patch Tuesday bring 12 security bulletins which address 55 CVE’s. Four are rated Critical and eight are Important. 4 bulletins are rated as Critical , MS15-94 for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) , MS15-95 for […]

Aug13 0

Microsoft August 2015 Patch Tuesday bring 14 security bulletins which address 60 CVE’s. This month has 4 high priority bulletins, MS15-81 for Microsoft Office 2007, 2010, 2013, MS15-92 for .NET Framework , MS15-79 for Internet Explorer and MS15-091 for Microsoft Edge. 4 bulletins are rated as Critical , MS15-079 (KB3082442) for Internet Explorer 7 through 11 addressing 13 vulnerabilities, MS15-080 (KB3078662) for Microsoft Graphics […]

Jul22 1

Microsoft has released an emergency patch update for all versions of Windows. This security update is rated Critical for all supported releases of Microsoft Windows .The patch addresses the CVE-2015-2426 which permits Remote Code Execution and allows hackers to take complete control of the attacked system. This flaw resides in the way Windows Adobe Type […]

Jul16 0

Microsoft July 2015 Patch Tuesday bring 14 security bulletins which address 58 CVE’s. This month has 3 high priority bulletins, MS15-065 for Internet Explorer, MS15-070 for Microsoft Office, and MS15-077 for Windows. 4 bulletins are rated as Critical , MS15-065 for Internet Explorer 6 through 11 addressing 29 vulnerabilities, MS15-066 for VBScript engine in Windows Server 2003, Windows Server […]

Jun18 2

A critical vulnerability is discovered in Rivest Cipher 4 software stream cipher. In cryptography, RC4 is one of the most used software-based stream ciphers in the world. The cipher is included in popular Internet protocols such as Transport Layer Security (TLS). It is a very simple cipher when compared to competing algorithms of the same […]

Jun18 0

SecPod Research Team member (Deependra Bapna) has found Multiple Stored Cross-site Scripting Vulnerabilities in ClipBucket. The vulnerabilities are due to improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data. Complete Advisory information can be found here. Advisory in CVRF […]

Jun16 0

SecPod Research Team member (Thanga Prakash) has found Multiple Cross-site Scripting Vulnerabilities and SQL injection vulnerability in WordPress HTML5 MP3 Player with Playlist plugin. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, inject or manipulate SQL queries in the back-end […]

Jun12 0

SecPod Research Team member (Thanga Prakash) has found Multiple Reflected Cross-site Scripting Vulnerabilities in ManageEngine Firewall Analyzer. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data. Complete Advisory information can be found here. Advisory […]

Jun10 0

Microsoft June 2015 Patch Tuesday bring 08 security bulletins addressing a total of 45 vulnerabilities. This month high priority fix is for Internet Explorer which alone addresses 24 out of 45 vulnerabilities. This month 2 bulletins are rated as Critical, addressing 25 vulnerabilities and 6 are rated as Important. Critical security updates addresses security […]

May13 0

MS Patch Tuesday May 2015 This May 2015 Patch Tuesday Microsoft released 13 security bulletins addressing a total of 46 vulnerabilities. This month high priority fix is for Internet Explorer which alone addresses 22 out of 46 vulnerabilities. This month 3 bulletins are rated as Critical, addressing 30 vulnerabilities and 10 are rated as […]

Apr16 0

A critical bug dubbed Redirect to SMB has been discovered which is known to affect all devices running any version of Windows, including Windows 10. The as-yet unpatched flaw in Windows leaks username and password details to remote attackers, and was first reported to Microsoft way back in 1997. What is SMB? Server Message Block, […]

Apr15 0

This April another big update from Microsoft, which includes 11 security bulletins addressing a total of 26 vulnerabilities. The high priority fix is for Microsoft Office addressing 5 vulnerabilities, Windows HTTP protocol stack (HTTP.sys) and Internet Explorer addressing 10 vulnerabilities. This month four bulletins are rated as Critical, addressing 17 vulnerabilities and seven are […]

Apr14 0

SecPod Research Team member (Shakeel Bhat) has found Multiple Stored Cross-Site Scripting Vulnerabilities in Dotclear CMS. The vulnerability is caused by improper validation of various parameter in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data. Complete Advisory information can be found here. Advisory in CVRF […]

Apr02 0

With all the frightening stories of hackers at Black Hat, I stepped into not-just-yet-another-conference in Singapore. Situated at the plush location of the island country, Marina Bay Sands catered to one of the best security conference of this calibre. All renowned and well-informed security enthusiasts visited from all over the world to share their thoughts […]

Mar11 0

A big Patch Tuesday this month consisting of total fourteen security bulletins address total of 45 vulnerabilities. This month also high priority fix is for Internet Explorer along with Microsoft Windows, Adobe Font Driver, VBScript Scripting Engine, and Microsoft Office. Internet Explorer addresses and Adobe Font Driver address total 20 out of 45 vulnerabilities. This […]

Mar09 0

In our previous blog post, we promised to keep you informed if FREAK (Factoring attack on RSA-EXPORT Keys) vulnerability affects Windows applications. As of today, it is confirmed that FREAK is affecting all supported versions of Microsoft Windows, making the flaw more dangerous than anticipated. To give you a brief background, FREAK vulnerability is a […]

Mar05 0

Another potentially dangerous vulnerability called FREAK (Factoring Attack on RSA-EXPORT Keys) is being true to its name and is freaking out all Android and Apple device users. This SSL/TLS vulnerability has over the years exposed millions of Android and Apple devices to attacks when they visit supposedly ‘secured’ websites, which is what makes it dangerous. […]

Feb11 0