Pierluigi Paganini
September 14, 2020
Zerologon attack allows threat actors to take over enterprise networks by exploiting the CVE-2020-1472 patched in the August 2020 Patch Tuesday. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday as soon as possible to protect their systems from Zerologon attack that exploits the CVE-2020-1472. The CVE-2020-1472 flaw is an elevation of privilege […]
Pierluigi Paganini
September 02, 2020
Cisco addressed a critical remote code execution vulnerability affecting multiple versions of its Cisco Jabber for Windows operating system. Cisco has addressed a critical severity remote code execution flaw, tracked as CVE-2020-3495, that affects multiple versions of Cisco Jabber for Windows. Cisco Jabber for Windows is a desktop collaboration client that integrates users with presence, audion, video […]
Pierluigi Paganini
August 21, 2020
Microsoft released an Out-of-Band security update to address privilege escalation flaws in Windows 8.1 and Windows Server 2012 R2 systems. Microsoft released this week an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems that address two privilege escalation vulnerabilities in Windows Remote Access. Both vulnerabilities were addressed by Microsoft in August, […]
Pierluigi Paganini
August 19, 2020
The actively exploited Windows spoofing vulnerability (CVE-2020-1464) recently patched by Microsoft has been known for more than two years. The actively exploited Windows spoofing flaw, tracked as CVE-2020-1464 and patched last week by Microsoft, has been known for more than two years, researchers revealed. Microsoft’s August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days […]
Pierluigi Paganini
August 11, 2020
A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability (CVE 2020-13699), that could be exploited by remote attackers to steal system password and potentially compromise it. TeamViewer is a popular software application for remote control, […]
Pierluigi Paganini
July 17, 2020
US DHS CISA urges government agencies to patch SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being exploited. The US DHS CISA issued an emergency directive urging government agencies to patch the recently disclosed SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being […]
Pierluigi Paganini
July 01, 2020
Microsoft has silently released an emergency security update through the Windows Store app to address two vulnerabilities in Windows codecs. Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. The two issues are remote code execution vulnerabilities tracked as CVE-2020-1425 & CVE-2020-1457 that impact Windows 10 […]
Pierluigi Paganini
June 29, 2020
Researchers revealed that the number of daily brute-force attacks on Windows RDP has doubled during the pandemic lockdown. Security experts from ESET revealed that the number of daily brute-force attacks on Windows RDP has doubled during the COVID-19 lockdown. The phenomenon is not surprising because during the COVID-19 lockdown employees were forced to work from […]
Pierluigi Paganini
June 08, 2020
Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker. Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. The malware targets Windows and Linux servers running popular web services and platforms including (i.e. cPanel / WHM, WordPress, Drupal, Joomla, OpenCart, Magento, […]
Pierluigi Paganini
April 14, 2020
Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including three Windows issues that have been exploited in attacks in the wild. Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including two remote code execution flaws in Windows that are actively exploited. 17 vulnerabilities are rated critical, the remaining ones are […]
