Exploits and vulnerabilities

SonicWall warns users to patch critical vulnerability “as soon as possible” - SonicWall is asking SMA 100 series customers to patch their appliances against a vulnerability that could give attackers administrator access.
Microsoft Exchange Autodiscover flaw reveals users’ passwords - Researchers were able to harvest hundreds of thousands of credentials thanks to a quirk of the Autodiscover process.
Patch now! Insecure Hikvision security cameras can be taken over remotely - Many Hikvision cameras are vulnerable to a critical, unauthenticated, remote code execution (RCE) vulnerability.
Patch vCenter Server “right now”, VMWare expects CVE-2021-22005 exploitation within minutes of disclosure - CVE-2021-22005 has a CVSS score of 9.8 and should be treated as an
FBI and CISA warn of APT groups exploiting ADSelfService Plus - APT actors are exploiting a recently-discovered flaw in ManageEngine's self-service password management product.
HP OMEN users, update your driver now! - Security researchers discovered a critical driver flaw in HP’s OMEN line of laptops and desktops. Millions of users are said to be affected.
[updated] Patch now! PrintNightmare over, MSHTML fixed, a new horror appears … OMIGOD - Septermber 2021's Patch Tuesday could be remembered for ending the PrintNightnare, or for the bug that made us go OMIGOD.
Update now! Google Chrome fixes two in-the-wild zero-days - The world's favorite browser has fixed a bunch of security issues, including a pair of bugs that are already being exploited in the wild.
500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords - Credentials were harvested from VPNs vulnerable to CVE-2018-13379. Even if they have been patched since, they may still be vulnerable.

Select your language