Tag Archives: Vulnerabilities

Jetty Vulnerability using Invalid Large TLS Frame causes 100% CPU Usage

This Jetty vulnerability should be considered a service availability issue. When using SSL/TLS with Jetty, whether with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. The following packages have been upgraded to a…


Three Linux vulnerabilities provided root access to hackers since 2006

Three vulnerabilities in the Linux iSCSI module, which is used for accessing shared data storage, have provided root access to hackers since 2006. These flaws could allow root access to any hacker with a user account. The three vulnerabilities – CVE-2021-27363, CVE-2021-27364 and CVE-2021-27365 – had been in the Linux code since 2006, going unnoticed until the researchers…


Microsoft released one-click solution for Exchange Vulnerability

To combat the severe vulnerability facing Exchange servers, Microsoft has released a one-click solution to help server administrators mitigate the problem. Microsoft stated, “We realized that there was a need for a simple, easy to use, automated solution that would meet the needs of customers using both current and out-of-support versions of on-premises Exchange Server,”…


Hackers Bypassing cPanel 2FA All Day Long

Researchers have discovered a significant issue with cPanel in which hackers can exploit your 2FA authentication to obtain access to your cPanel hosting service. What was found by Digital Defense, Inc.: “Digital Defense, Inc., a leader in vulnerability and threat management solutions, today announced that its Vulnerability Research Team (VRT) uncovered a previously undisclosed vulnerability affecting…


Netgear Zero-Day Vulnerability Allows Full Takeover

A cybersecurity researcher found a Netgear zero-day vulnerability that allows full takeover of about 79 Netgear router models. “The specific flaw exists within the httpd service, which listens on TCP Port 80 by default,” according to the ZDI report, which covers the bug’s presence in the R6700 series Netgear routers. “The issue results from the…


CISA Alerts in Ongoing Ransomware Exploiting Vulnerabilities in RDP and VPNs

The DHS Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert regarding an ongoing Nefilim ransomware campaign, after the New Zealand Computer Emergency Response Team (CERT NZ) issued an alert as well. Nefilim ransomware is the successor of Nemty ransomware and was first discovered in February 2020. The developers of the ransomware conduct…


Recent Plex Vulnerability Allows Full System Takeover

Recently it was found that Plex had a vulnerability that allowed hackers to do a full system takeover. The three vulnerabilities that were found are CVE-2020-5740, CVE-2020-5741, and CVE-2020-5742, which were detected by Tenable security researcher Chris Lyne and reported to Plex on May 31st. If hackers are able to exploit this vulnerability they could execute code…
