SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
Microsoft July 2021 Patch Tuesday Addresses 117 CVEs Including 9 Zero-Days
Microsoft has released July Patch Tuesday security updates with a total of 117 vulnerabilities in the family of Windows, Mac, and Android operating systems and related products. In the release by Microsoft, 13 were rated as Critical, 1 as moderate, and 103 as Important. The products covered in the J...
CVE Research
SanerNow has become more powerful than ever. The most awaited 5.0 release is here!
After numerous discussions, brainstorming sessions, day-night development, and rigorous testing, we are thrilled to announce the most exciting release of SecPod in the recent past. SanerNow 5.0 is here to put an end to the eternal search for a full-fledged and automated vulnerability management solu...
CVE Research
Kaseya’s Virtual System/Server Administrator (VSA) Zero-Day Under Active Exploitation By REvil Ransomware
Kaseya is a US-based organization that provides IT and security management solutions for managed service providers (MSPs) and small to medium-sized businesses (SMBs) worldwide. One of its tools, called Kaseya’s VSA, is under active exploitation and used as an attack vector to install REvil ransomwar...
CVE Research
Microsoft Windows “PrintNightmare” Vulnerability Exploited in the Wild
A critical zero-day vulnerability has been discovered in Microsoft Windows Print Spooler. This high severity vulnerability dubbed as PrintNightmare is tracked under the CVE identifier CVE-2021-34527. Successful exploitation of this vulnerability allows attackers to conduct arbitrary code execution w...
CVE Research
The Finale of the Eternal Search for the Best Vulnerability Assessment Solution is Nearing!
Vulnerability management solution is usually the most painstaking process for an IT/security team. The teams struggle to run full vulnerability scans in time and create comprehensive risk reports. Throw in a dozen scanners and patching solutions. It’s now full-blown chaos and drama. Top management f...
CVE Research
Google Chrome Patches Another High Severity Zero-Day Flaw Exploited in the Wild
Google has released an emergency fix for its Chrome browser app in Windows, Linux, and Mac. This consists of four vulnerabilities that include one Zero-day vulnerability with High severity. This is the eighth Zero-day vulnerability which is fixed by Google this year and is assigned with CVE-2021-305...
CVE Research
Adobe Critical Security Updates June 2021
Adobe has finally released security updates providing fixes for 21 critical vulnerabilities in Adobe Creative Cloud Desktop Application, After Effects, Photoshop, Animate, RoboHelp Server, Acrobat, and Reader. A total of 41 security vulnerabilities have been finally patched in this release. Having a...
CVE Research
Microsoft June 2021 Patch Tuesday Addresses 50 CVEs Including Six Zero-Days
Microsoft has released June Patch Tuesday, security updates with a total of 50 vulnerabilities in the family of Windows and Mac operating systems and related products. In the release by Microsoft, 5 were rated as Critical and 45 as Important. The products covered in June’s security update include Mi...
CVE Research
Critical Zero-Day Flaw Actively Exploited in WordPress Fancy Product Designer Plugin
A critical zero-day vulnerability has been discovered in a WordPress plugin called Fancy Product Designer. A Wordfence Threat Intelligence team from WordPress security company Defiant alerted about this vulnerability. The vulnerability is under active attack, which is tracked as CVE-2021-24370 by us...