Category Archives: Vulnerabilities
Microsoft released one-click solution for Exchange Vulnerability
To combat the severe vulnerability facing exchange servers, Microsoft has released a one-click solution to help server administrators mitigate the problem. Microsoft Stated “We realized that there was a need for a simple, easy to use, automated solution that would meet the needs of customers using both current and out-of-support versions of on-premises Exchange Server,”…
Hackers Bypassing cPanel 2FA All Day Long
Researchers have discovered quite a big issue with cPanel which Hackers can exploit your 2FA authentication to obtain access to your cPanel Hosting service. What was found by Digtial Defense, Inc. “Digital Defense, Inc., a leader in vulnerability and threat management solutions, today announced that its Vulnerability Research Team (VRT) uncovered a previously undisclosed vulnerability affecting…
Mobile Users Falling Victims To URL Spoofing
Yikes, aren’t there enough mobile vulnerabilities already? Now we have to tend to URL Spoofing and determining if the website is real or not? A Rapid7 researcher named Tod Beardsley, which disclosed the vulnerability, said this flaw, is an instance of CWE-451 from the Common Weakness Enumeration. It is cause for concern because these victims…
Hackers From Iran Are Spreading Dharma Ransomware Via RDP Ports
A group of hackers from Iran are targeting worldwide companies that use public-facing Remote Desktop Protocol (RDP) and infecting them with the Dharma Ransomeware. The attackers would lunch their campaign by first scaning ranges of IPs for hosts that contained these vulnerable RDP ports like 3389 which is the default RDP port, afterwards attempt weak…
CISA Alerts in Ongoing Ransomware Exploiting Vulnerabilities in RDP and VPNs
The DHS Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert regarding an on going Nefilim ransomware campaign, after the New Zealand Computer Emergency Response Team (CERT NZ) issuing an alert as well. Nefilim ransomware is the successor of Nemty ransomware and was first discovered in February 2020. The developers of the ransomware conduct…
Russian Sandworm Exploiting Exim Mail Servers
It has been found by the NSA that the Russian Spy Group called BlackEnergy is actively exploiting Exim mail servers with Sandworm. The Exim mail server flaw can be exploited using a email containing a modified “MAIL FROM” field in a Simple Mail Transfer Protocol (SMTP) message. The Russians have been exploiting unpatched Exim servers…
Microsoft Patched 100 Vulnerabilities
Microsoft has pushed a hefty list of Patches on Tuesday to fix over 100 Vulnerabilities and 16 CVEs making the critical list. This is actually the thrid mont that Microsoft has pushed over 100 vulnerabilities patches. May’s list does not contain any vulnerabilities currently being exploited in the wild, which is a good thing. Make sure…
Sophos XG Firewall Vulnerability
Hackers have been targeting Sophos XG Firewall due to the Zero-Day exploit that allows hackers to inject the Asnarok Malware. Sophos said in their blog. “The attack affected systems configured with either the administration interface (HTTPS admin service) or the user portal exposed on the WAN zone. In addition, firewalls manually configured to expose a…
Unpatched Systems Are Still A Major Attack Vector
Unpatched systems are still a major attack vector for hackers. These unpatched systems can invite major troubles for an organization. The issue can turn worse when the organization falls victim to a data breach and compromises confidential data. Time and time again it was found that the same vulnerabilities kept being the top vector for…
Apps In Google Play Store Found With Haken Malware
The Haken malware obtains sensitive data from victims and secretly signs them up for expensive premium subscription services. The eight apps that were found have since been removed. Users have collectively been downloaded 50,000 times. These apps were utilities and children’s games, including “Kids Coloring,” “Compass,” “qrcode,” “Fruits coloring book,” “soccer coloring book,” “fruit jump…