VMware has released patches that address a new critical security advisory, VMSA-2021-0020. This needs your immediate attention if you are using vCenter Server...
https://blogs.vmware.com/vsphere/2021/09/vmsa-2021-0020-what-you-need-to-know.html
0 Comments
A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines...
https://thehackernews.com/2021/09/new-malware-targets-windows-subsystem.html AMD has advised Windows users this week to update their operating systems in order to receive a patch for a dangerous vulnerability in one of its CPU chipset drivers that can be exploited to dump system memory and steal sensitive information from AMD-powered computers...
https://therecord.media/amd-cpu-driver-bug-can-break-kaslr-expose-passwords/ Network security solutions provider Fortinet confirmed that a malicious actor had unauthorizedly disclosed VPN login names and passwords associated with 87,000 FortiGate SSL-VPN devices...
https://thehackernews.com/2021/09/hackers-leak-vpn-account-passwords-from.html Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software...
https://thehackernews.com/2021/08/microsoft-warns-of-widespread-phishing.html Microsoft on Thursday warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cybersecurity researcher...
https://www.scmp.com/tech/big-tech/article/3146567/microsoft-cloud-databases-exposed-thousands-customers-unexploited Pulse Secure has shipped a fix for a critical post-authentication remote code execution (RCE) vulnerability in its Connect Secure virtual private network (VPN) appliances to address an incomplete patch for an actively exploited flaw it previously resolved in October 2020...
https://thehackernews.com/2021/08/pulse-secure-vpns-get-new-urgent-update.html Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks that lead to ransomware infections...
https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/ A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain...
https://www.bleepingcomputer.com/news/microsoft/new-petitpotam-attack-allows-take-over-of-windows-domains/ |
Categories |