New Windows Installer Zero-Day Flaw exploited in the Wild

Microsoft recently patched a Windows Installer Elevation of Privilege vulnerability tracked as CVE-2021-41379 in its November Patch Tuesday. As we…

Continue ReadingNew Windows Installer Zero-Day Flaw exploited in the Wild

A Critical Vulnerability in Atlassian Confluence Server Under Active Exploitation

Atlassian Confluence recently published a security advisory to patch a critical OGNL(Object-Graph Navigation Language) injection vulnerability existing in Confluence Server…

Continue ReadingA Critical Vulnerability in Atlassian Confluence Server Under Active Exploitation

Cisco Patches Critical and High Severity Flaws in Its VPN Routers

Cisco is one of the popularly known firms for manufacturing networking products along with developing software products. Recently it addressed…

Continue ReadingCisco Patches Critical and High Severity Flaws in Its VPN Routers

WinRM servers are the latest preys for the Wormable Windows HTTP vulnerability

Microsoft recently patched a critical remote code execution vulnerability in the HTTP Protocol Stack (http. sys), used by the Windows…

Continue ReadingWinRM servers are the latest preys for the Wormable Windows HTTP vulnerability

Multiple Flaws in Orbit Fox WordPress Plugin Allow a Complete Takeover of Sites

The Threat Intelligence team of Wordfence discovered two security vulnerabilities in the Orbit Fox WordPress plugin on November 19, 2020.…

Continue ReadingMultiple Flaws in Orbit Fox WordPress Plugin Allow a Complete Takeover of Sites

Alert! Zerologon: Your Windows Domain Controller Can’t Handle Zero Properly (CVE-2020-1472)

A critical and interesting vulnerability in the Netlogon Remote Protocol of the Windows server was patched by Microsoft team last…

Continue ReadingAlert! Zerologon: Your Windows Domain Controller Can’t Handle Zero Properly (CVE-2020-1472)