Vulnerabilities Archives

Exchange 0-day exploits need patching today

Microsoft has published details and out of cycle patches for several 0-day Exchange exploits under active attack. Microsoft Security Response Center advises: Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem. The exploits have been linked to the […]

Exchange 0-day exploits need patching today Read More »

VMware patches critical RCE in vCenter Server

News, Vulnerabilities / secureteampstg

A critical vulnerability in vCenter Server could allow an unauthenticated attacker to execute arbitrary code on the server that hosts vCenter and so take over the system. vCenter Server is used by IT Admins to manage VMware installations and the virtual machines that run in the VMware environment. The vulnerability (CVE-2021-21972) in a plug-in used

VMware patches critical RCE in vCenter Server Read More »

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care

News, Vulnerabilities / secureteampstg

In the February 2021 Patch Tuesday security update Microsoft fixed 56 flaws, one zero-day vulnerability and two remote code execution vulnerabilities in the Windows Fax Service. That’s right, someone can send you a fax and take over your Windows system. While you might be tempted to think: ‘who sends faxes these days?’ that is the

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care Read More »

Billion users at risk from vulnerable Android app

News, Vulnerabilities / secureteampstg

The SHAREit app has over a billion users on Android – and it can be exploited to steal user’s data or run malicious code on the device. A new report from Trend Micro details the vulnerabilities in the SHAREit app, which is one of the most popular downloads from the Google Play Store. According to

Billion users at risk from vulnerable Android app Read More »

Plex Media Server abused in DDOS Attacks

News, Vulnerabilities / secureteampstg

37,000 Plex Media servers exposed to the internet are being abused in DDOS attacks according to a new security report. Plex Media Server is a personal media library and streaming platform available on Windows, Mac and Linux platforms. One of the attractions of Plex is the ability to stream your local media library to remote

Plex Media Server abused in DDOS Attacks Read More »

What is the Nat Slipstreaming2.0 Attack?

News, Vulnerabilities / secureteampstg

The NAT Slipstreaming2.0 attack exploits the standard support for VOIP routing in NAT routers/firewalls to expose all devices on the internal network to attack from the internet. A new variant of the NAT Slipstreaming attack has been published which extends the attack to abuse the H.323 protocol used by VOIP devices to manage call forwarding.

What is the Nat Slipstreaming2.0 Attack? Read More »

SonicWall and Cisco patch critical vulnerabilities

News, Vulnerabilities / secureteampstg

This week both SonicWall and Cisco have released patches for critical vulnerabilities in their networking products. SonicWall zero day The SonicWall vulnerability (CVE-2021-20016) is a zero-day under active attack – in fact it was used to breach SonicWall’s own network in January according to their security advisory. The flaw affects SonicWall SMA 100 series devices

SonicWall and Cisco patch critical vulnerabilities Read More »

Apple patches critical iOS vulnerabilities

News, Uncategorized, Vulnerabilities / secureteampstg

Apple has released iOS 14.4 which contains fixes for two critical security vulnerabilities which they admit may have been actively exploited in the wild. The first flaw (CVE-2021-1871, CVE-2021-1870) in iOS and iPadOS is a WebKit vulnerability which could be exploited by a malicious webpage in the Safari browser to execute arbitrary code on the

Apple patches critical iOS vulnerabilities Read More »

Critical SUDO vulnerability discovered

News, Vulnerabilities / secureteampstg

A serious bug in the Linux SUDO utility has been discovered that allows any user to gain root privilege on a Linux system. The flaw was discovered by security firm Qualys and they describe it in their blog post as a heap overflow vulnerability that means: any unprivileged user can gain root privileges on a

Critical SUDO vulnerability discovered Read More »

Microsoft Patches Critical Bugs

News, Vulnerabilities / secureteampstg

Microsoft starts the year with their first patch Tuesday bundle of security fixes targeting 10 Critical vulnerabilities include a zero-day being exploited in Windows Defender. The Windows Defender vulnerability (CVE-2021-1647) is reported by Microsoft as having been detected under active exploitation in the wild – but precious little context information is provided under the firm’s

Microsoft Patches Critical Bugs Read More »

Vulnerabilities

Exchange 0-day exploits need patching today

VMware patches critical RCE in vCenter Server

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care

Billion users at risk from vulnerable Android app

Plex Media Server abused in DDOS Attacks

What is the Nat Slipstreaming2.0 Attack?

SonicWall and Cisco patch critical vulnerabilities

Apple patches critical iOS vulnerabilities

Critical SUDO vulnerability discovered

Microsoft Patches Critical Bugs

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch