Security firm Ivanti addressed a critical vulnerability in its Pulse Connect Secure VPN appliances that could be exploited to execute arbitrary code with root privileges. IT firm Ivanti released security updates to address multiple vulnerabilities in its Pulse Connect Secure VPN appliances. The most severe flaw, tracked as CVE-2021-22937 is a high-severity remote code execution […]
VMware has addressed a critical vulnerability that affects multiple products that could be exploited to gain access to confidential information. VMware has released security updates to address multiple flaws in its products, including a critical issue that could allow an attacker to access confidential information. A couple of vulnerabilities tracked as CVE-2021-22002 and CVE-2021-22003, impact Workspace […]
BlackMatter gang rapidly evolves, the group has developed a Linux version that allows operators to targets VMware’s ESXi VM platform. The BlackMatter ransomware gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. This is the last ransomware in order of time that is able to target VM platforms, some of the […]
An affiliate of the Conti RaaS has leaked the training material shared by the group with its network along with the info about one of the operators. An affiliate of the Conti RaaS has leaked the training material provided by the group to the customers of its RaaS, he also published the info about one […]
The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver.  By UPTYCS THREAT RESEARCH Original research by Siddarth Sharma The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver to disable hardware prefetchers and increase the speed of the mining […]
Cisco fixed critical, high severity pre-auth security vulnerabilities impacting multiple Small Business VPN routers. Cisco addressed critical and high severity pre-auth security vulnerabilities that impact multiple Small Business VPN routers. An attacker could exploit the issues to trigger a denial of service condition or execute commands and arbitrary code on impacted multiple Small Business VPN […]
Cyber Defense Magazine August 2021 Edition has arrived. We hope you enjoy this monthâs editionâŠpacked with over 148 pages of excellent content. Cyber Defense eMagazine August Edition for 2021Grab this PDF version and help fund our operations:https://cyberdefensemagazine.tradepub.com/free/w_cyba125/ Here’s the Yumpu Magazine Versionhttps://www.yumpu.com/en/document/read/65794079/cyber-defense-emagazine-august-edition-for-2021 Here’s a free PDF Version hosted on our site:https://www.cyberdefensemagazine.com/newsletters/august-2021/CDM-CYBER-DEFENSE-eMAGAZINE-August-2021.pdf Mobile Versionhttps://www.cyberdefensemagazine.com/newsletters/august-2021/index.html The Black […]
China linked APT groups have targeted networks of at least five major telecommunications companies operating in Southeast Asia since 2017. Cybereason researchers identified three clusters of activity associated with China-linked threat actors that carried out a series of attacks against networks of at least five major telecommunications companies located in South Asia since 2017. “The goal […]
Cisco addressed a vulnerability in the Firepower Device Manager (FDM) On-Box software that allows attackers to execute arbitrary code on vulnerable devices. Cisco has addressed a vulnerability in the Firepower Device Manager (FDM) On-Box software, tracked as CVE-2021-1518, that could be exploited by an attacker to execute arbitrary code on vulnerable devices. FDM On-Box allows […]
A flaw in the GitHub Actions workflow for PyPI âs source repository could be exploited to potentially execute arbitrary code on pypi.org. Security researcher RyotaK disclosed three flaws in PyPI, the most severe one could potentially lead to the compromise of the entire PyPI infrastructure. Python Package Index (PyPI) is the official third-party software repository […]