April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell
Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild.
Continue ReadingCategory: Vulnerabilities
Over 380,000 Kubernetes API Servers Exposed to Internet: Shadowserver
The Shadowserver Foundation has started scanning the internet for Kubernetes API servers and found roughly 380,000 that allow some form of access. ShadowServer is conducting daily scans of the IPv4 space on ports 443 and 6443, looking for IP addresses that respond with an HTTP 200 OK status, which indicates that the request has succeeded. […]
Continue ReadingNVIDIA Patches Code Execution Vulnerabilities in Graphics Driver
NVIDIA has announced the roll-out of updates for its graphics drivers to address multiple vulnerabilities, including four CVEs rated “high severity.” read more
Continue ReadingLarge-Scale Attack Targeting Tatsu Builder WordPress Plugin
Tens of thousands of WordPress websites are potentially at risk of compromise as part of an ongoing large-scale attack targeting a remote code execution vulnerability in the Tatsu Builder plugin. read more
Continue ReadingNew Special Interest Group Aims to Enhance ICS/OT Cyber Defenses
MITRE has announced a new special interest group (SIG) whose goal is to help enhance cyber defenses for industrial control systems (ICS) and operational technology (OT). read more
Continue ReadingVulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card. NVIDIA graphics… [[ This is only the beginning! Please visit the blog for the […]
Continue ReadingVulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card. NVIDIA graphics… [[ This is only the beginning! Please visit the blog for the […]
Continue ReadingSysrv-K Botnet Targets Windows, Linux
Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins.
Continue ReadingiPhones Vulnerable to Attack Even When Turned Off
Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.
Continue ReadingApple Finally Patches Exploited Vulnerabilities in macOS Big Sur, Catalina
Apple on Monday rolled out security updates to patch tens of vulnerabilities across its operating systems, and it has finally released macOS Big Sur and Catalina patches for two exploited vulnerabilities. read more
Continue Reading