Category: alerts

The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario. Read more

A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets. Read more

Original release date: June 6, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info microsoft — windows_server_2012 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. 2022-06-01 9.3 CVE-2022-30190 N/A Back to top   Medium Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch… Read more

Original release date: June 3, 2022 Atlassian has released new Confluence Server and Data Center versions to address remote code execution vulnerability CVE-2022-26134 affecting these products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely. Atlassian reports that there is known exploitation of tmhis vulnerability.. CISA strongly urges organizations to review Confluence Security… Read more

Original release date: June 3, 2022 CISA has released an Industrial Controls Systems Advisory (ICSA) detailing vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot. Exploitation of these vulnerabilities would require physical access to individual ImageCast X devices,… Read more

Original release date: June 2, 2022 Atlassian has released a security advisory to address a remote code execution vulnerability (CVE-2022-26134) affecting Confluence Server and Data Center products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely. Atlassian reports that there is known exploitation of this vulnerability. There are currently no updates available.… Read more

Original release date: June 2, 2022 CISA has added one new vulnerability—CVE-2022-26134—to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on… Read more

Original release date: June 2, 2022 CISA has updated Cybersecurity Advisory AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control, originally released May 18, 2022. The advisory has been updated to include additional indicators of compromise and detection signatures, as well as tactics, techniques, and procedures reported by trusted third parties. CISA encourages… Read more

Original release date: June 2, 2022 CISA has released an Industrial Controls Systems Advisory (ICSA) detailing multiple vulnerabilities in Illumina Local Run Manager. Successful exploitation of these vulnerabilities may allow an unauthenticated malicious actor to take control of the affected product remotely and take any action at the operating system level. These vulnerabilities could impact… Read more

Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links. Read more