Security Research and Intelligence / Vulnerability Management

Multiple Flaws in Orbit Fox WordPress Plugin Allow a Complete Takeover of Sites

The Threat Intelligence team of Wordfence discovered two security vulnerabilities in the Orbit Fox WordPress plugin on November 19, 2020.…

Comments Off on Multiple Flaws in Orbit Fox WordPress Plugin Allow a Complete Takeover of Sites

January 18, 2021

Security Research and Intelligence

Patch Tuesday: Microsoft Security Bulletin Summary for January 2021

Microsoft Patch Tuesday January 2021 has rolled out its January security updates on this month's patch Tuesday for 83 vulnerabilities,…

Comments Off on Patch Tuesday: Microsoft Security Bulletin Summary for January 2021

January 13, 2021

Security Research and Intelligence

Secret Backdoor to Zyxel Firewall and AP Controllers Could Allow Administrative Access

Niels Teusink of Dutch cybersecurity firm EYE has recently discovered a secret backdoor to Zyxel devices. More than 100,000 Zyxel…

Comments Off on Secret Backdoor to Zyxel Firewall and AP Controllers Could Allow Administrative Access

January 6, 2021

Security Research and Intelligence

Google Revealed Sickly Patched Windows Zero-Day Vulnerability

Google's Project Zero team of security analysts has released the details of an improperly patched 0-Day vulnerability. The issue can…

Comments Off on Google Revealed Sickly Patched Windows Zero-Day Vulnerability

December 31, 2020

Endpoint Security and Management / Security Research and Intelligence

SolarWinds Releases Updates to Address Vulnerability Exploited by SUPERNOVA Malware

SolarWinds has released an advisory on 27th December 2020 to address the vulnerability being exploited by SUPERNOVA malware. The vulnerability…

Comments Off on SolarWinds Releases Updates to Address Vulnerability Exploited by SUPERNOVA Malware

December 28, 2020

Security Research and Intelligence

WordPress Plugin Contact Form 7 Critical File Upload Vulnerability (CVE-2020-35489)

Contact Form 7 is a popular WordPress plugin that is used to create, customize, and manage multiple contact forms on…

Comments Off on WordPress Plugin Contact Form 7 Critical File Upload Vulnerability (CVE-2020-35489)

December 18, 2020

Endpoint Security and Management / Security Research and Intelligence / Vulnerability Management

Critical Zero-Day in HPE Systems Insight Manager Revealed

Hewlett Packard Enterprise recently revealed a security flaw in its Systems Insight Manager software (Vulnerability in HPE Systems). This zero-day…

Comments Off on Critical Zero-Day in HPE Systems Insight Manager Revealed

December 17, 2020

Endpoint Management / Endpoint Security and Management / Security Research and Intelligence

Apple Critical Security Updates December 2020

Apple released security updates for multiple products. The exploitation of some of these security flaws will allow an attacker to…

Comments Off on Apple Critical Security Updates December 2020

December 15, 2020

Endpoint Security and Management / Security Research and Intelligence

SolarWinds SUNBURST Backdoor Compromises Multiple Global Victims

Highly evasive hackers breached Orion IT monitoring and management software of SolarWinds and deployed malware updates to it. It is…

Comments Off on SolarWinds SUNBURST Backdoor Compromises Multiple Global Victims

December 15, 2020

Security Research and Intelligence

Critical Command Injection Vulnerabilities in D-Link DSR VPN Routers

Multiple critical command injection vulnerabilities have identified in the D-Link DSR VPN router family products. These vulnerabilities are identified with…

Comments Off on Critical Command Injection Vulnerabilities in D-Link DSR VPN Routers

December 10, 2020