FBI removes malicious web shells from hundreds of compromised Microsoft Exchange servers
The U.S. Department of Justice (DOJ) authorized the FBI to remove malicious web shells from hundreds of compromised and vulnerable Microsoft Exchange servers.
XCSSET malware now targets Apple’s macOS 11 and M1-based Macs
Security researchers have revealed new research regarding XCSSET that now targets Apple’s macOS 11 and M1-based Macs. XCSSET had historically targeted Xcode projects to deliver malicious payloads.
XCSSET malware now targets Apple’s macOS 11 and M1-based Macs Read More »
NAME:WRECK vulnerabilities can break DNS implementations in TCP/IP stacks
Security researchers have discovered nine vulnerabilities collectively dubbed NAME:WRECK than can break DNS implementations in TCP/IP stacks and lead to denial of service or remote code execution. The experts also provided guidelines to organization on how to fix the issues.
NAME:WRECK vulnerabilities can break DNS implementations in TCP/IP stacks Read More »
WordPress security update (5.7.1) fixes 2 vulnerabilities
WordPress has released WordPress 5.7.1 security and maintenance update that includes fixes for two security vulnerabilities. All WordPress versions between 4.7 and 5.7 are affected.
WordPress security update (5.7.1) fixes 2 vulnerabilities Read More »
Juniper patches multiple vulnerabilities in Junos OS and other products (April 2021)
Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS, EX4300, PTX Series, QFX Series, SRX Series network devices and multiple other products.
Juniper patches multiple vulnerabilities in Junos OS and other products (April 2021) Read More »
Adobe fixes Critical vulnerabilities in Photoshop, Bridge and other products
Adobe has patched Critical vulnerabilities in Photoshop, Bridge, Digital Editions and RoboHelp. An attacker could exploit these vulnerabilities and potentially take over impacted systems.
Adobe fixes Critical vulnerabilities in Photoshop, Bridge and other products Read More »
Microsoft April 2021 Security Updates, includes fixes for Critical Exchange Server vulnerabilities
Microsoft has released the April 2021 Security updates that includes patches for 114 vulnerabilities, 19 of those rated Critical. The updates also include fixes for multiple Microsoft Exchange flaws that have a higher likelihood of being exploited.
Chrome security update (89.0.4389.128) fixes 2 zero-days exploited in the wild
Google has released Chrome 89 security update 89.0.4389.128) for Windows, Mac and Linux with fixes for 2 vulnerabilities exploited in the wild.
Chrome security update (89.0.4389.128) fixes 2 zero-days exploited in the wild Read More »
CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)
The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.
APKPure Android store app infected with malware
APKPure Android app store and mobile app has been infected with malicious software that downloads trojans to Android devices.
APKPure Android store app infected with malware Read More »