Log4j Critical Advisory (CVE-2021-44228)
Author: Tyler Sullivan Date: 10th December 2021 On 9th of December 2021, a security researcher posted proof-of-concept code for one of the most serious and impactful vulnerabilities of the year. It has been likened to ShellShock, a vulnerability in 2014 that...
Critical Flaw Found in SonicWall
Author: Melodie Foster Date: 2nd February 2021 SonicWall confirmed yesterday that its Secure Mobile Access (SMA) 100 series product contains a critical vulnerability. This comes a day after NCC researchers said the critical flaw was being exploited in the wild....
Critical Vulnerability in Pulse Secure VPN Leads to Remote Code Execution
Author: Melodie Foster Date: 26th May 2021 The flaw could allow an unauthenticated, remote attacker to execute code as a user with root privileges. The vulnerability has been given a CVSS score of 8.5 out of 10 and stems from a buffer overflow vulnerability in...
Critical Remote Code Execution Flaw Found in VMware
Author: Melodie Foster Date: 26th May 2021 A critical vulnerability has been found in VMware’s vCenter Server that could lead to an attacker being able to execute arbitrary code on the server. The flaw has been given a CVSS score of 9.8 out of 10 making it critical....
Apple Issues Patch for Critical Anti-Malware Bypass Flaw
Author: Melodie Foster Date: 28th April 2021 The zero-day flaw exists in MacOS where it can bypass anti-malware functions put in place and would allow an attacker to craft a payload which would not be detected by the security features designed to keep malware...
Chrome Remote Code Execution Bug Posted to Twitter
Author: Melodie Foster Date: 14th April 2021 A security researcher posted a working exploit code that would lead to remote code execution on Twitter. The researcher said it affects the current versions of Google Chrome and may also affect other browsers that...
New Critical Vulnerabilities Found in Microsoft Exchange Server
Author: Melodie Foster Date: 15th April 2021 In Microsoft’s latest patch Tuesday, the company and the NSA are urging users to patch four newly disclosed Exchange server vulnerabilities, following the global attack on Exchange servers that took place several...
Critical Flaw Found in VMware Carbon Black
Author: Melodie Foster Date: 9th April 2021 A critical vulnerability found in VMWare’s Carbon Black Cloud Workload appliance, if successfully exploited, could allow an attacker to bypass authentication and take control of vulnerable systems. The flaw has been...
Recent Comments