Pierluigi Paganini
April 02, 2021
Researchers from TIMâs Red Team Research discovered five new vulnerabilities affecting the CA eHealth Performance Manager product. Researchers from TIMâs Red Team Research led by Massimiliano Brolli, discovered 5 new vulnerabilities affecting the CA eHealth Performance Manager product. CA Technologies is an American multinational corporation specialized in business-to-business (B2B) software with a product portfolio focused […]
Pierluigi Paganini
March 23, 2021
Google addressed a zero-day vulnerability affecting Android devices that use Qualcomm chipsets which is actively exploited in the wild. Google has addressed a zero-day vulnerability, tracked as CVE-2020-11261, affecting Android devices that use Qualcomm chipsets. According to the IT giant, threat actors are actively exploiting the vulnerability in attacks in the wild. The CVE-2020-11261Â flaw, is […]
Pierluigi Paganini
March 20, 2021
A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users. Googleâs Project Zero security team published a report about the activity of a mysterious hacking group that operated over the course of 2020 and exploited at least 11 […]
Pierluigi Paganini
March 15, 2021
Google has addressed a new zero-day flaw in its Chrome browser that has been actively exploited in the wild, the second one within a month Google has fixed a new actively exploited zero-day in its Chrome browser, this is the second zero-day issue addressed by the IT giant within a month. The flaw, tracked as […]
Pierluigi Paganini
March 06, 2021
After the disclosure of Microsoft Exchange zero-days, MS Exchange Server team has released a script to determine if an install is vulnerable. This week Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. In response to the […]
Pierluigi Paganini
March 04, 2021
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive related to recently fixed Microsoft Exchange zero-days. The US Cybersecurity and Infrastructure Security Agency (CISA) has issued the Emergency Directive 21-02 in response to the disclosure of zero-day vulnerabilities in Microsoft Exchange. This week Microsoft has released emergency out-of-band security updates that address four […]
Pierluigi Paganini
March 03, 2021
Microsoft released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day flaws. Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that at least one […]
Pierluigi Paganini
February 12, 2021
Researchers at TIMâs Red Team Research discovered a zero-day vulnerability in IBM InfoSphere Information Server. Today, TIMâs Red Team Research led by Massimiliano Brolli, discovered a new critical vulnerability in IBM InfoSphere Information Server. The flaw has not addressed by IBM, because the product version 8.5.0.0 is in End-of-life. Today, TIMâs Red Team Research led […]
Pierluigi Paganini
February 04, 2021
Google has addressed an actively exploited zero-day vulnerability, tracked as CVE-2021-21148, with the release of the Chrome 88.0.4324.150 version. Google released Chrome 88.0.4324.150 version that addressed an actively exploited zero-day security vulnerability. The vulnerability is a Heap buffer overflow that resides in the V8, which is an open-source high-performance JavaScript and WebAssembly engine, written in C++. The flaw […]
Pierluigi Paganini
February 04, 2021
SonicWall has released a security patch to address the zero-day flaw actively exploited in attacks against the SMA 100 series appliances. SonicWall this week released firmware updates (version 10.2.0.5-29sv) to address an actively exploited zero-day vulnerability in Secure Mobile Access (SMA) 100 series appliances. The vulnerability, tracked as CVE-2021-20016, has been rated as critical and received a […]
