exploit Archives - Page 2 of 40

exploit

Attackers are probing Citrix controllers and gateways through recently patched flaws

July 10, 2020

Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins …

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

July 8, 2020

Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …

Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit

July 6, 2020

Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks‘ BIG-IP multi-purpose networking devices, to install coin-miners, …

PoC RCE exploit for SMBGhost Windows flaw released

June 8, 2020

A security researcher has published a PoC RCE exploit for SMBGhost (CVE-2020-0796), a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC …

VMware Cloud Director vulnerability enables a full cloud infrastructure takeover

June 2, 2020

A code injection vulnerability (CVE-2020-3956) affecting VMware vCloud Director could be exploited to take over the infrastructure of cloud services, Citadelo researchers have …

Hackers breached six Cisco servers through SaltStack Salt vulnerabilities

May 29, 2020

Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was …

NSA warns about Sandworm APT exploiting Exim flaw

May 29, 2020

The Russian APT group Sandworm has been exploiting a critical Exim flaw (CVE-2019-10149) to compromise mail servers since August 2019, the NSA has warned in a security …

Despite lower number of vulnerability disclosures, security teams have their work cut out for them

May 29, 2020

The number of vulnerabilities disclosed in Q1 2020 has decreased by 19.8% compared to Q1 2019, making this likely the only true dip observed within the last 10 years, Risk …

Have you updated SaltStack Salt? Attacks are underway!

May 11, 2020

Have you updated your SaltStack Salt “masters” and made them inaccessible over the internet – or at least restricted access to them? Even though F-Secure …

Widely available ICS attack tools lower the barrier for attackers

March 24, 2020

The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology (OT) networks and industrial …

WordPress and Apache Struts weaponized vulnerabilities on the rise

March 17, 2020

Vulnerabilities in leading web and application frameworks, if exploited, can have devastating effects like the Equifax breach which affected 147 million people, according to …

Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?

February 26, 2020

CVE-2020-0688, a remote code execution bug in Microsoft Exchange Server that has been squashed by Microsoft in early February, is ripe for exploitation and could become a …

exploit

Attackers are probing Citrix controllers and gateways through recently patched flaws

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit

PoC RCE exploit for SMBGhost Windows flaw released

VMware Cloud Director vulnerability enables a full cloud infrastructure takeover

Hackers breached six Cisco servers through SaltStack Salt vulnerabilities

NSA warns about Sandworm APT exploiting Exim flaw

Despite lower number of vulnerability disclosures, security teams have their work cut out for them

Have you updated SaltStack Salt? Attacks are underway!

Widely available ICS attack tools lower the barrier for attackers

WordPress and Apache Struts weaponized vulnerabilities on the rise

Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?

Don't miss

Bolstering healthcare IT against growing security threats

Retail and hospitality sector fixing software flaws at a faster rate than others

Bugs in Signal, other video chat apps allowed attackers to listen in on users

Ransomware provides the perfect cover

Financial institutions can strengthen cybersecurity with SWIFT’s CSCF v2021