Researchers Discovered High-Severity Remote Code Execution Bug in F5 Products

Experts from Rapid7 observed a customized CentOS installation operating on F5 BIG-IP and BIG-IQ devices found to have various vulnerabilities.  While the other flaws are security bypass methods that F5 does not consider vulnerabilities, two of the vulnerabilities have been categorized as high-severity remote code execution vulnerabilities and given CVE IDs. Vulnerabilities Discovered The first […]

Continue Reading

Commentaire de Kaspersky concernant la vulnérabilité Log4shell

La semaine dernière, une nouvelle vulnérabilité critique particulièrement dangereuse a été découverte dans la bibliothèque Apached Log4j. CVE-2021-44228 ou Log4Shell ou LogJam, est ce que l’on appelle une vulnérabilité de classe RCE (Remote Code Execution), ce qui signifie que si elle est exploitée sur un serveur vulnérable, les attaquants peuvent exécuter du code arbitrairement et […]

Continue Reading

PrintNightmare: Here’s what you need to know and Talos’ coverage

Over the past several weeks, there’s been a lot of discussion about a particular privilege escalation vulnerability in Windows affecting the print spooler, dubbed PrintNightmare. The vulnerability (CVE-2021-1675/CVE-2021-34527) has now been patched multiple times but is believed to still be… [[ This is only the beginning! Please visit the blog for the complete entry ]] […]

Continue Reading

PrintNightmare Threat Continues, Microsoft Confirms Exploit Present in All Variants

  Microsoft has marked CVE-2021-34527 remote code execution vulnerability (print Spooler) called “Print Nightmare.” EHN previously reported that the latest bug “CVE-2021-1675” was in the long queue of Print Spooler Bugs, and was first found by researchers at Tencent Security, NSFOCUS, and AFINE earlier this year. Microsoft said that the compromised code is sneaking all […]

Continue Reading