Cisco has released updates for a set of vulnerabilities: six high-severity and six medium-severity. The main highlight of this set of Cisco updates is the patch for a recently discovered vulnerability in Wi-Fi access points and routers, widely known as Kr00k. Getting rid of the Kr00k: Kr00k (CVE-2019-15126) is […]


Microsoft rightly predicted that systems vulnerable to CVE-2020-0688 could be an attractive target for attackers and that this vulnerability could soon be included in upcoming attacks. True to that prediction, attackers have now started scanning the Internet for Microsoft Exchange Servers vulnerable to a Remote Code Execution flaw (CVE-2020-0688). This vulnerability received a patch during the […]


Microsoft released updates for Patch Tuesday a week ago. A few users who installed the updates encountered missing files and user profiles on their systems. Further investigation revealed that the culprit was Windows 10 update KB4532693. Microsoft has acknowledged the existence of an issue and is analyzing it. What happens after installing KB4532693? Several users […]


Fox Kitten Campaign has hit the headlines recently, but has a longstanding history of cyber espionage. Researchers from ClearSky discovered a three-year-old campaign targeting a wide range of organizations around the world. In a detailed report, the researchers added that this could be Iran’s most continuous and comprehensive campaign known. The campaign, first revealed by […]


Intel patched a high-severity bug in the CSME subsystem that allows an attacker to carry out privilege escalation, information disclosure and denial of service. Intel Converged Security and Management Engine (CSME) is a chipset subsystem which powers Intel’s Active Management technologies. CSME is used for remote out-of-band management in consumer or corporate PCs, Internet of […]


Adobe released security advisories providing fixes for 35 critical vulnerabilities. A total of 42 security bugs were fixed in this release. The critical vulnerabilities all allow execution of arbitrary code on a target machine. These flaws affect Windows, Linux, Mac OS X and other platforms. Adobe Framemaker: Twenty-one critical arbitrary code execution flaws were […]


RobbinHood is a relatively new ransomware that was first spotted in April 2018. A distinct feature of this ransomware is that it targets every computer individually and does not encrypt other computers via connected shares. RobbinHood claims to delete all the information related to an infected computer, including the IP address, encryption keys, etc., once […]


Lemon Duck is a Monero crypto-mining malware. This malware was first spotted in China but has since spread to other parts of the world. Lemon Duck starts with a single infection and spreads rapidly across the entire network, converting the resources of an organization into cryptocurrency mining slaves. Researchers from TrapX-Labs have reported that Lemon Duck has […]


RYUK is a ransomware which was first spotted in the year 2018 being distributed as a part of a targeted campaign. The attacks using this ransomware are well planned and highly targeted. This ransomware is known to have encrypted a number of PCs, storage and data centers in various organizations. The attackers behind this ransomware […]


A new vulnerability was discovered in the sudo utility which allows an unprivileged user to gain root privileges without authentication. CVE-2019-18634 is classified as a Stack-based Buffer Overflow (CWE-121). This flaw affects all Unix-like operating systems and applies only when the ‘pwfeedback’ option is enabled in the sudoers configuration file. pwfeedback provides visual feedback (* for every […]
