Apple has released MacOS 11.3 which patches a critical zero-day bug that allows malware to bypass the built in Gatekeeper and Notarization protections designed to protect users from malicious software. The bug is already under active attack from Shlayer malware and because it is trivial to replicate, you can expect to see a slew ofRead more
Blog
Security networking vendors SonicWall and Pulse Secure have both issued urgent alerts to customers regarding active zero-day attacks exploiting vulnerabilities in their products. SonicWall 3 zero-day vulnerabilities SonicWall has patched three zero-day vulnerabilities that affect their Email Security product. When chained together the vulnerabilities could allow an attacker to create a new administrator account onRead more
The UK National Cyber Security Centre has issued an alert warning organisation to urgently identify and patch Fortinet VPN devices on their networks. The NCSC alert warns : The NCSC is concerned that a significant number of organisations in the UK have not patched the Fortinet VPN vulnerability CVE-2018-13379. This continues to be actively exploitedRead more
SAP has issued an urgent security report after an increase in attacks against unpatched SAP systems using a variety of attack vectors. A new report from SAP and security firm Onapsis details how criminals are targeting mission critical SAP systems which are vulnerable due to security patches not being applied in a timely manner. TheRead more
Microsoft has updated their Microsoft Safety Scanner (MSERT) tool so that it detects Web Shells installed on your Exchange servers through the ProxyLogon vulnerability. Last week Microsoft issued emergency patches to address four zero-day exploits that were being exploited by the Hafnium group. Since the disclosures, criminal groups have been targeting Microsoft Exchange Servers aroundRead more
Microsoft has published details and out of cycle patches for several 0-day Exchange exploits under active attack. Microsoft Security Response Center advises: Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem. The exploits have been linked to theRead more
A critical vulnerability in vCenter Server could allow an unauthenticated attacker to execute arbitrary code on the server that hosts vCenter and so take over the system. vCenter Server is used by IT Admins to manage VMware installations and the virtual machines that run in the VMware environment. The vulnerability (CVE-2021-21972) in a plug-in usedRead more
In the February 2021 Patch Tuesday security update Microsoft fixed 56 flaws, one zero-day vulnerability and two remote code execution vulnerabilities in the Windows Fax Service. That’s right, someone can send you a fax and take over your Windows system. While you might be tempted to think: ‘who sends faxes these days?’ that is theRead more
The NAT Slipstreaming2.0 attack exploits the standard support for VOIP routing in NAT routers/firewalls to expose all devices on the internal network to attack from the internet. A new variant of the NAT Slipstreaming attack has been published which extends the attack to abuse the H.323 protocol used by VOIP devices to manage call forwarding. Read more
This week both SonicWall and Cisco have released patches for critical vulnerabilities in their networking products. SonicWall zero day The SonicWall vulnerability (CVE-2021-20016) is a zero-day under active attack – in fact it was used to breach SonicWall’s own network in January according to their security advisory. The flaw affects SonicWall SMA 100 series devicesRead more
