A remote code execution vulnerability has been identified in the open source JSON Web Token (JWT) library in versions 8.5.1 and earlier. This was identified by Unit42 researchers at Palo Alto Networks back in July, and has been finally patched by the Auth0 engineering team just before Christmas. Unit 42 have released a blog post […]
Auth0 Patch RCE Vulnerability in JSON Web Token Read More »
A legitimate Windows executable is being abused by malicious actors to stealthily infect devices with malware without raising any alarms. The Windows Error Reporting tool WerFault.exe can be exploited to load malware onto a system using a DLL sideloading technique in an attack K7 Security Labs have published an analysis for last week. This legitimate
Windows Error Reporting Tool Abused to Load Malware Read More »
A high severity SQL injection vulnerability has been patched in recent updates for Zoho ManageEngine products Password Manager Pro, PAM360, and Access Manager Plus. The software provider released a security advisory for this vulnerability where they advised customers of all three affected products to upgrade to the latest versions immediately due to the severity of
High Severity Vulnerability in ManageEngine Products Read More »
A recently discovered vulnerability in Synology routers configured to run as VPN servers has been given a critical severity rating and the maximum CVSS score of 10/10. Synology is a global data management and security company specialising in network attached storage (NAS) and storage area network (SAN) devices. Synology Router Manager (SRM) is the operating
Critical Vulnerability in Synology Router VPN Servers Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.