+44 (0)203 88 020 88

Menu

Search

2022

Issues with Windows 11 22H2 Update Addressed

The recent Windows 11 2022 Update has been experiencing issues and failing to finish installing due to provisioning issues, leaving some partially configured endpoints vulnerable. Also known as version 22H2, this update immediately impacted some users by causing Remote Desktop clients to not connect, randomly disconnect, or freeze unexpectedly. Since then, Microsoft have released issue […]

Issues with Windows 11 22H2 Update Addressed Read More »

Microsoft Exchange Server Vulnerabilities Exploited

Two high severity zero-day vulnerabilities for the Microsoft Exchange Server have been found to be exploited in the wild. An elevation of privilege vulnerability, and a remote code execution vulnerability have been used by attackers to gain access into victim’s systems. The Cybersecurity and Infrastructure Security Agency (CISA) recently added these two flaws to their

Microsoft Exchange Server Vulnerabilities Exploited Read More »

RCE Vulnerability in Password Manager Pro

A Zoho ManageEngine vulnerability has been added to the Cybersecurity and Infrastructure Security Agency’s (CISA) known exploited vulnerabilities catalog last week. This remote code execution (RCE) vulnerability affects Password Manager Pro versions 12100 and below, Access Manager Plus versions 4302 and below, and PAM360 versions 5500 and below. Proof of concept (POC) code for an

RCE Vulnerability in Password Manager Pro Read More »

Erbium Stealer Malware Sold As A Service

A new information stealing malware is being distributed as malware-as-a-service (MaaS) by threat actors under the guise of fake cheats for popular video games. The malware known as Erbium is designed to harvest the credentials from the victims, stealing passwords and other login information for a range of accounts, including cryptocurrency wallets. Threat researchers CYFIRMA

Erbium Stealer Malware Sold As A Service Read More »

Adobe Magento Vulnerability Exploited in Attacks

Adobe Commerce and Magento Open Source have been targeted in a recent wave of attacks that exploit a critical vulnerability. Threat researchers at Sansec released a report this week that details the methodology of this remote access trojan attack. The vulnerability exploited in these attacks, CVE-2022-24086, was found to be actively exploited as early as

Adobe Magento Vulnerability Exploited in Attacks Read More »

Microsoft Teams Reverse Shell Attack Using GIFs

A number of vulnerabilities have been exploited in Microsoft Teams by attackers through the use of GIFs. The attack technique has been named ‘GIFShell’, and allows the attackers to send malicious files, execute commands, and exfiltrate data from their victims. Affected versions of Microsoft Teams include version 1.5.00.11163 and earlier, where the exploited insecure design

Microsoft Teams Reverse Shell Attack Using GIFs Read More »

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks

A large-scale phishing attack was recently launched against employees at Twilio, a global cloud-based communications and infrastructure company. Phishing text messages were sent to employees, impersonating Twilio’s IT department, with the aim of harvesting employee credentials. These stolen credentials were used to access internal systems, resulting in a breach of confidentiality in which the data

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks Read More »

0

No products in the basket.

No products in the basket.