Chrome Zero-Day Under Active Attack: Patch ASAP
The year’s 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems.
Continue ReadingCategory: Alert
Vodafone Portugal Hit by Hackers
Vodafone’s Portuguese unit said on Tuesday a hacker attack overnight had disrupted its services but assured its customers that their personal data had not been compromised as a result of the incident, which is under investigation. Vodafone Portugal said in a statement its system faced technical problems on Monday evening, with thousands of customers reporting […]
Continue ReadingZimbra zero-day vulnerability actively exploited to steal emails
A cross-site scripting (XSS) vulnerability in the Zimbra email platform is currently actively exploited in attacks targeting European media and government organizations. […]
Continue ReadingCritical Cisco Bugs Open VPN Routers to Cyberattacks
The company’s RV line of small-business routers contains 15 different security vulnerabilities that could enable everything from RCE to corporate network access and denial-of-service – and many have exploits circulating.
Continue ReadingResearcher found an Information Disclosure in the Brave browser
Security researcher discovered an Information Disclosure vulnerability in Brave browser and reported it through the HackerOne platform. Security researcher Kirtikumar Anandrao Ramchandani discovered an Information Disclosure vulnerability in the Brave Browser and reported it to the company through the HackerOne platform. The researcher discovered that when the browser is used with Tor it could leak […]
Continue Reading
Microsoft warns of a zero-day in Internet Explorer that is actively exploited
Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs. Microsoft warns of a zero-day vulnerability (CVE-2021-40444) in Internet Explorer that is actively exploited by threat actors to hijack vulnerable Windows systems. Microsoft did not share info about the attacks either the nature of the […]
Continue ReadingNew Unpatched 0-Day Actively Attack Windows By Abusing MS Office Documents
Microsoft issued a warning to Windows users that hackers actively exploiting an unpatched remote code execution 0-Day vulnerability in MSHTML using lured MS office documents. The MSHTML is a browser rendering engine that allows the Microsoft Internet Explorer Web browser to read and display HTML Web pages. Attackers are abusing the Microsoft office document by craft […]
Continue Reading
Atlassian Vulnerability Being Exploited in the Wild
Cyber Command and CISA Issue Alerts Cyber Command and the U.S. Cybersecurity and Infrastructure Security Agency issued alerts Friday warning those using Atlassian’s Confluence and Data Center products that attackers are actively exploiting the critical remote code execution vulnerability CVE-2021-26084. Source: Bank Info Security
Continue Reading
Cisco Published Two Critical and Six High-Severity Patches for Nexus Gear
The American multinational technology conglomerate corporation Cisco Systems, based in San Jose, California – has published six security patches for its high-end 9000 series networking gear, spanning in severity from critical, high, and medium. Cisco Systems designs, produce and distributes networking gear, software, telecom equipment, and a variety of other high-tech products and services. […]
Continue ReadingCERTFR-2021-ALE-017 : Multiples vulnérabilités dans Microsoft Exchange (27 août 2021)
Dans son bulletin d’actualité CERTFR-2021-ACT-035 du 12 août 2021 [1], le CERT-FR revenait sur la publication d’une technique permettant de prendre le contrôle d’un … Source: Cert FR
Continue Reading