Nagios XI vulnerabilities open enterprise IT infrastructure to attack
Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to …
Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to …
A critical vulnerability (CVE-2021-34746) that affects Cisco Enterprise NFV Infrastructure Software (NFVIS) has been patched and Cisco is urging enterprise admins to quickly …
A day after the August 2021 Patch Tuesday, Microsoft has released an out-of-band security advisory acknowledging the existence of yet another Print Spooler vulnerability …
A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been …
Security researchers have unearthed new elevation of privilege (EoP) bugs in Windows Print Spooler, one of the oldest Windows components. Scarce details have been shared about …
CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …
In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …
There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early …
The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly …
Drupal has released out-of-band security updates to fix two critical code execution flaws (CVE-2020-28948, CVE-2020-28949) in Drupal core, as “there are known exploits …