Latest News
Stay up to date with the latest posts and updates
Alerts
-
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Original release date: December 22, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre…
4 min read
-
Four Bugs in Microsoft Teams Left Platform Vulnerable Since March
Attackers exploiting bugs in the “link preview” feature in Microsoft Teams could abuse the flaws to spoof links, leak an Android user’s IP address and launch a DoS…
4 min read
-
Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look
There are 17,000npatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.
4 min read
-
Two Active Directory Bugs Lead to Easy Windows Domain Takeover
Microsoft is urging customers to patch two Active Directory domain controller bugs after a PoC tool was publicly released on Dec. 12.
4 min read
-
FBI: Another Zoho ManageEngine Zero-Day Under Active Attack
APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence.
4 min read
-
Vulnerability Summary for the Week of December 13, 2021
Original release date: December 21, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info abb — omnicore_c30_firmware A Missing Authentication vulnerability…
4 min read
