0-day vulnerability
Microsoft Patches SharePoint Flaws as Hackers Rush to Exploit Them
As Microsoft puts the final patch in place, a growing number of hackers, including several China state-sponsored threat groups, are quickly pushing forward to exploit the security flaws that will allow them ...
Hackers Exploiting Microsoft Flaw to Attack Governments, Businesses
Hackers are exploiting a significant Microsoft vulnerability chain that allows them gain control of on-premises SharePoint servers, steal cryptographic keys, and access Windows applications like Outlook, Teams, and OneDrive. It also gives ...
CISA and FBI to Network Admins: Patch Atlassian Confluence Now
Federal security agencies are urging network administrators to immediately patch Atlassian Confluence servers to protect against a critical security flaw that is being exploited by cybercriminals. The Cybersecurity and Infrastructure Security Agency ...
Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in
Keeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10 ...
Sandbreak vm2 Flaw is a 10 But Exposes Vulnerability of Sandboxes
As vulnerabilities go, the Sandbreak vm2 flaw is as potentially as severe as it gets, snagging a 10.0 CVSS score. The bug, CVE-2022-36067, should be immediately patched if it’s used with applications, ...
New Cyber Safety Review Board Will Tackle Log4j Debacle First
DHS has launched the long-awaited Cyber Safety Review Board (CSRB) to assess major cybersecurity incidents and make recommendations for improvements. After a year in the making, the CSRB is first setting its ...
Log4j: Three Flaws and Counting
“With the attention CVE-2021-44228 has received, I wouldn’t be surprised if we saw a third CVE related to #Log4j2,” Valtix Senior Security Analyst Davis McCarthy said last week. Those prophetic words turned ...
Here We Go Again: Second Log4j Flaw Surfaces
Maybe Log4j vulnerabilities are like rats—for every one that’s visible, multiple others scurry beneath the surface. It’s too early to tell if that’s what will happen with Log4j. But just a day ...
What are the Potential Impacts that Zero-Day Vulnerabilities Pose to Your Organizations?
0-day vulnerability attacks have emerged as one of the major cybersecurity concerns in the last few years. It is known to target individuals, large enterprises, government agencies, and for that matter,. The post ...
Old Vulnerabilities Open the Door for WannaCry Ransomware
More than three years since it was discovered, WannaCry is still a threat for some organizations, research has found How often does your organization conduct a security assessment? Once a year? Once ...
