Author: Ashwitha Kallalike

2

Alert! Zerologon: Your Windows Domain Controller Can’t Handle Zero Properly (CVE-2020-1472)

A critical and interesting vulnerability in the Netlogon Remote Protocol of the Windows server was patched by Microsoft team last month. This flaw discovered by the Cybersecurity firm Secura (dubbed as Zerologon), has received the highest severity score of 10.0. The vulnerability is identified as CVE-2020-1472 and allows an attacker to successfully compromise the vulnerable […]

Read More →
0

Citrix Security Updates for Critical vulnerabilities in Citrix ADC, Gateway and SD-WAN

Citrix announces the release of patches for fixing a set of 11 critical flaws found in three of its networking products: Citrix ADC,  Citrix Gateway, and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. As per the Citrix sources, the vulnerabilities don’t have any trace of active exploitation, and 5 out of the […]

Read More →
0

Alert for Apple Users: Apple Patches a Zero-Day Unc0ver Jailbreak Vulnerability

The IT giant, Apple has quietly patched a zero-day vulnerability which was recently discovered by a team of cyber-security researchers and hackers in the iOS kernel. Apple has patched this vulnerability in all of its operating systems across various devices along with iOS. The researchers who discovered the vulnerability released a new jailbreak package named […]

Read More →
0

Adobe Releases Emergency Critical Security Patches- April 2020 Updates

  Although its not a Patch Tuesday, Adobe has released some of the emergency security updates to its products like Adobe Bridge, Illustrator, and Magento. So its time for all the users of these applications to be heedful. The software giant has announced the release of patches to its products in order to patch multiple […]

Read More →
0

Caution QEMU Users!!! Your password file may be open to attackers

A critical vulnerability has been discovered recently in QEMU (Quick Emulator). Beware of the Command execution vulnerability that exists in QEMU, a hosted virtual machine monitor. It was recently discovered that the QEMU Guest agent’s command ‘guest_exec‘ has encountered a critical OS command injection vulnerability which allows any remote unauthenticated attacker to gain sensitive information, […]

Read More →
0

Watch out for Alpine Linux Docker Image Root login Vulnerability

Alpine Linux is a simple and resource efficient OS which was built based on muscl and Busybox. Due to these optimized features, Alpine Linux behaves as a great docker container. A security vulnerability has been discovered in Alpine Linux docker image(since v3.3). Alpine Linux docker image has default root credentials with an empty or null […]

Read More →
0

Seven new Meltdown and Spectre-type CPU vulnerabilities that affect Intel, AMD, ARM CPUs

Spectre and Meltdown vulnerabilities are one of the most significant known hardware vulnerabilities that affect the modern computer processors. Meltdown and Spectre vulnerabilities were exploited through malicious programs to retrieve secrets stored in the memory of other running programs, sensitive information like passwords.   Both ‘Meltdown’ and ‘Spectre’ make use of a feature in the processor […]

Read More →
0

How to Fully Fix CVE-2017-8529, Microsoft Browser Information Disclosure Vulnerability

Overview: The Microsoft has re-released a patch for CVE-2017-8529 to fix a print issue related to this vulnerability. The patch is not fully applied unless certain registry keys are set even after installing the respective Operating System patches. This article describes the steps to update registry settings to be fully protected from this vulnerability.  Affected OS: […]

Read More →