+44 (0)203 88 020 88

Menu

Search

News

Microsoft Teams Reverse Shell Attack Using GIFs

A number of vulnerabilities have been exploited in Microsoft Teams by attackers through the use of GIFs. The attack technique has been named ‘GIFShell’, and allows the attackers to send malicious files, execute commands, and exfiltrate data from their victims. Affected versions of Microsoft Teams include version 1.5.00.11163 and earlier, where the exploited insecure design

Microsoft Teams Reverse Shell Attack Using GIFs Read More »

Actively Exploited Vulnerabilities in D-Link Devices

Four vulnerabilities in D-Link routers have been added to the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities Catalog this week. Also included in this week’s catalogue updates were now-patched zero-day vulnerabilities in Google Chrome, and Photo Station QNAP software.    Three of the D-Link vulnerabilities identified as exploited by their addition to this list

Actively Exploited Vulnerabilities in D-Link Devices Read More »

Five Malicious Chrome Extensions Identified

Threat researchers at McAfee Labs have discovered 5 malicious extensions for Google Chrome, that track the browsing activity of the user, with a total of 1.4 million users affected. The identified extensions are: Netflix Party, Netflix Party 2, Full Page Screenshot Capture – Screenshotting, FlipShope – Price Tracker Extension, and AutoBuy Flash Sales. Although these

Five Malicious Chrome Extensions Identified Read More »

Critical Atlassian Bitbucket Vulnerability

A critical vulnerability has been identified in multiple versions of Atlassian’s Bitbucket Server and Bitbucket Data Center. A recent advisory released by Bitbucket Support explains that all versions after 6.10.17, including 7.0.0 and later, have been affected by this flaw. However, this vulnerability is not present in Atlassian Cloud sites, so users who access Bitbucket

Critical Atlassian Bitbucket Vulnerability Read More »

GitLab Patch Critical Remote Code Execution Flaw

GitLab have published a critical security release this week to notify their users about an update that contains important security fixes. Versions 15.3.1, 15.2.3, and 15.1.5 were released for GitLab Community Edition (CE) and Enterprise Edition (EE), in order to patch a remote code execution (RCE) vulnerability. GitLab is used as a DevOps platform for

GitLab Patch Critical Remote Code Execution Flaw Read More »

Palo Alto Networks Exploited in DoS Attacks

A denial-of-service vulnerability was identified this month in Palo Alto Networks PAN-OS software. This week, the Cybersecurity and Infrastructure Agency (CISA), a branch of the US government, have added this vulnerability to their list of known exploited vulnerabilities. Tracked as CVE-2022-0028, this flaw affects the URL filtering policy in multiple versions of PAN-OS running on

Palo Alto Networks Exploited in DoS Attacks Read More »

0

No products in the basket.

No products in the basket.