Security researchers from the Eclypsium research team have discovered a vulnerability in the Windows Platform Binary Table (WPBT) that allows attackers to install rootkits on all Windows devices shipped since 2012. WBPT is a fixed firmware ACPI (Advanced Configuration and Power Interface), introduced in Windows 8 to allow vendors to execute programs when the devices […]
The maintainers of Travis CI, a continuous integration provider located in Berlin, have patched a vulnerability that exposes API and signing keys as well as access credentials to unauthorised third parties. This vulnerability possibly impacts thousands of companies and the maintainers have been criticised for not releasing any technical advisories on the issue itself. The […]
An ongoing Zloader campaign utilises a new methodology to disable Microsoft Defender Antivirus. Formerly known as Windows Defender. Microsoft Defender Antivirus is currently running on over a billion instances of Windows 10, according to Microsoft’s own statistics. The threat actors have begun to utilise various applications such as Discord, TeamViewer and Zoom advertisements on Google […]
Netgear has released patches for the firmware version of more than a dozen smart switches used in corporate networks. The patches address three high impact vulnerabilities, two of which have exploit code publicly available. Netgear has identified these bugs as PSV-2021-0140, PSV-2021-0144, PSV-2021-0145, CVE tracking numbers are yet to be assigned. Additionally, many products affected […]
Security experts are sending out a high alert on a critical vulnerability that heavily affected tons of devices used worldwide that are connected to the ThroughTek’s Kalay IoT cloud platform. The Impact The vulnerability impacts products from different companies that produce reconnaissance and video solutions that include home computerised IoT frameworks, which utilise the Kalay […]
Three days after the revelation, cyber attackers are commandeering home routers from 20 vendors along with ISPs. The security blemish, followed as CVE-2021-20090, was revealed last week by specialists at Tenable. It influences gadgets from 20 unique sellers and ISPs (ADB, Arcadyan, ASMAX, ASUS, Beeline, British Telecom, Buffalo, Deutsche Telekom, HughesNet, KPN, O2, Orange, Skinny, […]
The Zimbra webmail solution is affected by two serious vulnerabilities that could allow an attacker to gain complete access to an organisation’s sent and received emails. Zimbra released patches in June for these vulnerabilities, which a researcher at SonarSource discovered. CVE-2021-35208, the first of these vulnerabilities, is a stored cross-site scripting vulnerability affecting the Document […]
Several vulnerabilities have been discovered in the Frontend File manager plugin in WordPress, which allows a remote attacker to inject malicious JavaScript into vulnerable websites. This is a class of vulnerability known as cross-site scripting (XSS). In this scenario, the XSS allows an attacker to: Delete blog pages Create admin user accounts Gain remote code […]
REvil ransomware producers have ported their malware over to Linux to expand their campaigns. The primary objective appears to be to infect VMware’s ESXi virtual machine management software and Network-attached storage (NAS) devices. Researchers at AT&T’s Alien Labs have identified four samples in the wild. Whilst not unheard of, Linux attacks are rarer than compromises […]
Researchers at ZX Security discovered a chain of vulnerabilities that ends with Remote Code Execution in the Accellion Kitework® framework. Kiteworks is a secure file-sharing platform targeted at enterprise audiences that facilitates sharing, syncing, and modifying files between internal and external users on multiple devices. CVE 2021-31585 was discovered in the administrative functionality, specifically the […]