ProxyShell: Attackers Actively Scanning for Vulnerable Microsoft Exchange Servers (CVE-2021-34473)
August 9, 2021
Three vulnerabilities from DEVCORE researcher Orange Tsai could be chained to achieve unauthenticated remote code execution. Attackers are searching for vulnerable instances to exploit. Update August...
CVE-2021-22937: Remote Code Execution Patch Bypass in Pulse Connect Secure
August 5, 2021
Pulse Secure has patched CVE-2021-22937, a patch bypass for CVE-2020-8260, in its Connect Secure products. Background: On August 2, Pulse Secure published an advisory and patches for several vulnerab...
CVE-2021-1609: Critical Remote Code Execution Vulnerability in Cisco Small Business VPN Routers
August 5, 2021
Cisco releases patches for Critical vulnerabilities in its line of Small Business VPN Routers. Background: On August 4, Cisco released several security advisories, including an advisory for two vulne...
Oracle July 2021 Critical Patch Update Addresses 231 CVEs
July 21, 2021
Oracle addresses 231 CVEs in its third quarterly update of 2021 with 342 patches, including 49 critical updates. Background: On July 20, Oracle released its Critical Patch Update (CPU) for July 2021...
CVE-2021-35211: SolarWinds Serv-U Managed File Transfer Zero-Day Vulnerability Exploited in Targeted Attacks
July 14, 2021
Following a patch for a zero-day vulnerability in SolarWinds’ Serv-U Managed File Transfer, researchers share new details about the attacks, as over 8,000 systems remain publicly accessible and potent...
Microsoft’s July 2021 Patch Tuesday Includes 116 CVEs (CVE-2021-31979, CVE-2021-33771)
July 13, 2021
Microsoft highlights 116 CVEs including two which were addressed by April patches. Microsoft patched 116 CVEs in the July 2021 Patch Tuesday release, including 12 CVEs rated as critical, 103 rated as important and one rated as moderate. It’s only the second time in 2021 that Microsoft has included more than 100 vulnerabilities in Patch Tuesday, while it passed that milestone eight times in 2020.
CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler
July 7, 2021
Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts. Update Jul...
CVE-2021-30116: Multiple Zero-Day Vulnerabilities in Kaseya VSA Exploited to Distribute REvil Ransomware
July 6, 2021
Zero-day vulnerabilities in popular remote monitoring and management software targeted by threat actors to distribute ransomware to reportedly over one million systems. Update July 22, 2021: Kaseya s...
CVE-2021-1675: Proof-of-Concept Leaked for Critical Windows Print Spooler Vulnerability
June 29, 2021
Researchers published and deleted proof-of-concept code for a remote code execution vulnerability in Windows Print Spooler, called PrintNightmare, though the PoC is likely still available. Update Jul...
CVE-2020-3580: Proof of Concept Published for Cisco ASA Flaw Patched in October
June 24, 2021
Researchers at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties using this exploit. Update June 28: The Backgr...
Elon Musk and YouTube Advertising Scams: Fake SpaceX “Coin” Promoted in Ads During Cryptocurrency Videos
June 24, 2021
Scammers are on pace to steal nearly $1 million USD from unsuspecting users through a popular decentralized finance protocol, Uniswap, by abusing YouTube to promote a fake SpaceX coin as part of ads a...
CVE-2021-20019: SonicWall Fixes Incomplete Patch for CVE-2020-5135
June 23, 2021
SonicWall issues a new advisory and CVE identifier to address an incomplete fix for CVE-2020-5135. Background: On June 22, SonicWall published an advisory (SNWLID-2021-0006) to address an incomplete ...