Tag Archives: Vulnerability

Is Your Microsoft Exchange Server Vulnerable to ProxyNotShell Flaw?
According to the non-profit Shadowserver Foundation, there are approximately 60,000 IP addresses with internet-facing Microsoft Exchange Server instances still vulnerable to CVE-2022-41082.
This might look like a standard Exchange Server bug, but it’s actually a lot worse. It’s really two … Read the rest

Synology And QNAP Critical Netatalk Vulnerability
Synology and QNAP has warned its customers that it has found serious vulnerabilities in its NAS devices. The flaws, which exist in its network-attached storage (NAS) appliances, could allow attackers to gain remote access to vulnerable systems, modify data or … Read the rest

Vulnerability in Spring Java framework called Spring4Shell
Spring4Shell CVE-2022-22965, a critical vulnerability has been found in Spring, an open source programming framework for the Java platform. It could allow hackers to take control of your system. Details about the vulnerability were leaked to the public before the … Read the rest

OpenSSL Infinite Loop Vulnerability
The US National Security Agency (NSA) officials have recently discovered a vulnerability in the OpenSSL cryptographic library. This vulnerability can be used to conduct denial-of-service attacks and can be easily weaponized by its potential attackers.
OpenSSL is a popular cryptography … Read the rest

5 Critical VMware ESXi Vulnerabilities
It has been alerted; five security vulnerabilities could lead to major potential issues for VMware ESXi customers. This includes command execution and DoS. VMware has issued a critical security update to patch its ESXi customers. Exploitation of these vulnerabilities could … Read the rest

Hackers Exploiting Cisco RV VPN Routers
Security researchers have found critical vulnerabilities in Cisco Small Business RV VPN routers. The bugs could allow attackers to take control of the router with root privileges, get access to customer data, and conduct DDOS attacks.
Why are they even … Read the rest

New UEFI Bootkit called MoonBounce
Researchers have discovered a sophisticated new type of malware that targets UEFI and its called MoonBounce. The Bootkit or also known as rootkit malware is suspected to be associated with (advanced persistent threat 41). APT41 is a group of hackers … Read the rest

Microsoft Warns Log4j Flaw Attacks Remain High
Microsoft has warned that Windows and Azure customers should be on high alert after spotting state-sponsored and cyber-criminal hackers probing systems for a flaw in the Log4j. Microsoft says it spotted attackers using the Log4j flaw through December.
The Apache … Read the rest

Windows Zero-Day Allows Privileged File Access

Hashthemes Demo Importer WordPress Plugin Vulnerability
The Hashthemes Demo Importer and is found in more than 8,000 blogs, according to researchers at Wordfence. It’s a high-severity security flaw. This WordPress plugin is designed to import demo content from HashThemes.com. However, it’s possible for subscribers to use … Read the rest