+44 (0)203 88 020 88

Menu

Search

Vulnerabilities

16 Malicious Android Apps on Google Play Store

A range of malicious adware apps have been found on the Google Play store by security researchers at  McAfee. It is estimated that 20 million installations across 16 different apps occurred before they were identified and subsequently removed from Google Play. These apps contained clicker malware, which runs in the background without the user’s knowledge. […]

16 Malicious Android Apps on Google Play Store Read More »

Windows Zero-Day Flaw Gets Free Unofficial Patch

An actively exploited zero-day flaw that prevents Windows from properly identifying potentially malicious documents by flagging them as downloaded from the web has been given an unofficial patch. The security issue was first brought to Microsoft’s attention by a security researcher 3 month ago, however no official update to correct this has been released. Security

Windows Zero-Day Flaw Gets Free Unofficial Patch Read More »

Fortinet Critical Authentication Bypass Vulnerability

A communication has been sent by Fortinet to their customers confirming a critical severity vulnerability in FortiOS and FortiProxy. The global cyber security company have warned administrators to update FortiGate firewalls and FortiProxy web proxies to the latest available versions to address this vulnerability. Although a full security advisory has not been released yet for

Fortinet Critical Authentication Bypass Vulnerability Read More »

Microsoft Exchange Server Vulnerabilities Exploited

Two high severity zero-day vulnerabilities for the Microsoft Exchange Server have been found to be exploited in the wild. An elevation of privilege vulnerability, and a remote code execution vulnerability have been used by attackers to gain access into victim’s systems. The Cybersecurity and Infrastructure Security Agency (CISA) recently added these two flaws to their

Microsoft Exchange Server Vulnerabilities Exploited Read More »

RCE Vulnerability in Password Manager Pro

A Zoho ManageEngine vulnerability has been added to the Cybersecurity and Infrastructure Security Agency’s (CISA) known exploited vulnerabilities catalog last week. This remote code execution (RCE) vulnerability affects Password Manager Pro versions 12100 and below, Access Manager Plus versions 4302 and below, and PAM360 versions 5500 and below. Proof of concept (POC) code for an

RCE Vulnerability in Password Manager Pro Read More »

Erbium Stealer Malware Sold As A Service

A new information stealing malware is being distributed as malware-as-a-service (MaaS) by threat actors under the guise of fake cheats for popular video games. The malware known as Erbium is designed to harvest the credentials from the victims, stealing passwords and other login information for a range of accounts, including cryptocurrency wallets. Threat researchers CYFIRMA

Erbium Stealer Malware Sold As A Service Read More »

Adobe Magento Vulnerability Exploited in Attacks

Adobe Commerce and Magento Open Source have been targeted in a recent wave of attacks that exploit a critical vulnerability. Threat researchers at Sansec released a report this week that details the methodology of this remote access trojan attack. The vulnerability exploited in these attacks, CVE-2022-24086, was found to be actively exploited as early as

Adobe Magento Vulnerability Exploited in Attacks Read More »

0

No products in the basket.

No products in the basket.