SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
Mozilla Patches High-Risk Vulnerabilities in Firefox and Thunderbird
Mozilla has released security updates for Firefox, Firefox ESR (CVE-2022-22746), and mailing client Thunderbird. There are 18 vulnerabilities in Firefox,14 vulnerabilities in Firefox ESR, and in Thunderbird 14 vulnerabilities were found and fixed. The advisories for these products have been rated hi...
CVE Research
Microsoft January 2022 Patch Tuesday Addresses 97 Vulnerabilities Including Six Zero-Day
Microsoft’s January 2022 Patch Tuesday security patch includes a total of 97 vulnerabilities detected, including six zero-day with nine classified as Critical and then 88 as Important. Furthermore, the products covered in January’s security update include Microsoft Office, Microsoft Windows, Microso...
CVE Research
Your Action Plan to Secure your Network in 2022
With another year wrapped up and the dawn of a new year, there are oceans of uncharted waters in the cybersecurity realm that need to be voyaged. Digital transformation is at its peak due to the hybrid workforce. The paradigm shift in working modules eliminates the dependency on old business models ...
CVE Research
Log4Shell-Critical Remote Code Execution Vulnerability in H2database Console
JFrog has recently disclosed a remote code execution vulnerability on H2 Database consoles. This is based on a Java Naming and Directory Interface(JNDI) vulnerability, and its root cause is similar to the recent Log4Shell vulnerability in Apache Log4j. H2 is an open-source RDBMS in Java that offers...
CVE Research
Know the Impact of Vulnerabilities and Types of Threats on your Linux Systems
Linux is the backbone of most modern business organizations and a massive network. Amazon, the largest cloud provider globally, runs its EC2 cloud computing platform on Linux. Currently, the Linux kernel employs 27.8 million lines of code, updated every year. Several new bugs or vulnerabilities appe...
CVE Research
How frequent will Ransomware attacks be in 2022?
Ransomware has made its way into the consciousness of business owners and security admins over the past two years. As an increasingly prevalent cyberattack, ransomware has grabbed more headlines than any other cyberattack in 2021. According to a recent study by Cybersecurity Ventures, in every 11 se...
CVE Research
Adobe Critical Security Updates December 2021
Adobe security update December 2021, they have released security updates providing fixes for 28 critical vulnerabilities in Adobe After Effects, Premiere Pro, Photoshop, etc. A total of 60 security vulnerabilities have been patched in this release using a patch manager. However, most of these vulner...
CVE Research
Microsoft December 2021 Patch Tuesday Addresses 67 Vulnerabilities Including a Zero-Day Being Actively Exploited
Microsoft has released December 2021 Patch Tuesday security updates with a total of 67 Vulnerabilities, including a zero-day being actively exploited. Detected by a vulnerability scanning tool, The products covered in December’s security update include Microsoft Edge, Azure, Microsoft Windows, Micr...
CVE Research
Discover The Extremely Critical Apache Log4j Vulnerability (CVE-2021-44228)
All Java applications come with Log4j, a logging library/facade that allows programmers to release output logs to numerous output targets. Log4j is an integral part of Apache Logging Services, which cybercriminals can use to launch RCE attacks due to a vulnerability.