Exploits for vBulletin zero-day released, attacks are ongoing
The fix for CVE-2019-16759, a remote code execution vulnerability in vBulletin that was patched in September 2019, is incomplete, security researcher Amir Etemadieh has …
Critical ManageEngine ADSelfService Plus RCE flaw patched
A critical vulnerability (CVE-2020-11552) in ManageEngine ADSelfService Plus, an Active Directory password-reset solution, could allow attackers to remotely execute commands …
Attackers are exploiting Cisco ASA/FTD flaw in search for sensitive data
An unauthenticated file read vulnerability (CVE-2020-3452) affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software is being exploited by …
Attackers are probing Citrix controllers and gateways through recently patched flaws
Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins …
Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all
Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …
Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit
Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks‘ BIG-IP multi-purpose networking devices, to install coin-miners, …
PoC RCE exploit for SMBGhost Windows flaw released
A security researcher has published a PoC RCE exploit for SMBGhost (CVE-2020-0796), a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC …
VMware Cloud Director vulnerability enables a full cloud infrastructure takeover
A code injection vulnerability (CVE-2020-3956) affecting VMware vCloud Director could be exploited to take over the infrastructure of cloud services, Citadelo researchers have …
Hackers breached six Cisco servers through SaltStack Salt vulnerabilities
Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was …
NSA warns about Sandworm APT exploiting Exim flaw
The Russian APT group Sandworm has been exploiting a critical Exim flaw (CVE-2019-10149) to compromise mail servers since August 2019, the NSA has warned in a security …
Despite lower number of vulnerability disclosures, security teams have their work cut out for them
The number of vulnerabilities disclosed in Q1 2020 has decreased by 19.8% compared to Q1 2019, making this likely the only true dip observed within the last 10 years, Risk …
Have you updated SaltStack Salt? Attacks are underway!
Have you updated your SaltStack Salt “masters” and made them inaccessible over the internet – or at least restricted access to them? Even though F-Secure …