Malware and Vulnerabilities

Microsoft releases mitigations and advisory For the New PetitPotam NTLM Relay Attack that abuses a remote access protocol called Encrypting File System Remote Protocol (MS-EFSRPC).Microsoft also posted detailed instructions on how to protect Windows domain controllers and other Windows...

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver software.According to the researchers, some HP, Xerox, and Samsung printer models contained vulnerable driver software, sold...

Kaseya Florida-based software vendor On Sunday rolled out a security update for the VSA zero-day vulnerabilities exploited by the REvil ransomware gang in the massive ransomware supply chain attack.Kaseya VSA is a remote management and monitoring solution commonly used...

A critical vulnerability in Palo Alto Networks, Cortex XSOAR system could have allowed an attacker to perform a command and control in the Cortex XSOAR War Room as well as perform other actions on the platform, without having to...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on Friday, Issued an advisory about a critical vulnerability in the ThroughTek software that is being used in the devices, including baby monitoring cameras, which may give hackers access to audio...

Facebook has solved the problem of Programming errors on live video services that allow attackers to successfully remove video without the user's permission.On April 17, security researcher Ahmad Talahmeh published a statement outlining how the threat works, as well...

The National Security Agency on Tuesday said it had warned Microsoft of several serious problems that criminals could use to hack the Exchange Server email system remotely.Microsoft today released a series of Server Security updates that address a range...

Xcode malicious projects are used to hijack developer systems and distribute EggShell custom backdoors.The malware, called XcodeSpy, is targeted by Xcode, an integrated development platform (IDE) used in macOS for Apple's software development.According to a study published by Sentinel...

Apple releases fix for a bug that could affect iPhone, iPad, and Mac which could lead to arbitrary code execution by visiting malicious web content.Like most bugs, this is a memory-related bug and affects WebKit, the browser behind Safari...

The Salt Project has patched a privilege escalation bug impacting SaltStack Salt minions that could be used during a wider exploit chain. The vulnerability, CVE-2020-28243, is described as a privilege escalation bug impacting SaltStack Salt minions allowing "an unprivileged user to...