Exploration Leads To Innovation
On Friday 19, 2024 many organizations across the globe have seen disruptions on their windows systems stemming from a faulty update pushed out by CrowdStrike; a prominent cybersecurity company. CrowdStrike is a Texas-based EDR (Endpoint Detection & Response) solutions company serving over 500 companies in the fortune 1000. Their products run on millions of endpoints […]
Almost every day we are bombarded with many spam emails in our inbox, and many of these emails may be malicious. These emails have the potential to damage our lives in ways most of us can’t imagine. These emails are called phishing emails. What is phishing email? A phishing email attack is a type of […]
It’s the second Tuesday of the month and Microsoft has released patches for multiple products. In this edition of patch Tuesday, Microsoft has addressed 59 CVEs. This month’s patches are relatively low in severity. Out of 59, 2 are rated as Critical and 57 as important by Microsoft. No Zero-days were reported. However, elevation of […]
In a recent advisory issued by the French CERT Team, it was noted that threat actors are exploiting 2 years old remote code execution vulnerability to deploy a new ransomware that targets the VMware ESxi servers worldwide. This Critical vulnerability, tracked as CVE-2021-21974, is caused by a heap overflow issue in the OpenSLP service, which could be exploited by unauthenticated cyber criminals in low-level attacks. In an advisory published at […]
It’s a new year and another edition of patch Tuesday is among us. On Tuesday, January 10th, Microsoft released its latest round of patches for various vulnerabilities in its software. This month’s Patch Tuesday includes fixes for several critical vulnerabilities that could allow attackers to execute arbitrary code or cause a denial of service on […]
Security researchers are warning of antecedently covert flaws in totally patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to realize remote code execution on affected systems. The 1st vulnerability, known as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, whereas the second, identified as CVE-2022-41082, permits remote code execution (RCE) once […]
In the cybersecurity realm, vulnerability is most likely the center of every domain and the most discussed topic. Vulnerabilities can bring people together to solve the issues that are being introduced as part of the constant technological advancement. However, just like a coin has two sides, vulnerabilities divide the Cybersecurity community into two major groups. […]
On December 10, the cyber security community was hit again yet with another 0-day exploit. The vulnerability being tracked as CVE-2021-44228, is called “log4j” which is a critical vulnerability in popular java logging library. The vulnerability is being exploited in the public as you’re reading this article. Threat actors are adopting “spray-and-pray” method to exploit […]
Another day, another ransomware attack! A big fish in the tech market has fallen victim this time. Accenture, a giant tech consultant firm has been hit with Ransomware by LockBit 2.0 ransomware gang. Accenture worth the attack? Accenture is one of the big tech companies which provide Cyber Security and related technology services to many […]
It’s that time of the month again! Yes, patch Tuesday is here and everyone is preparing to patch their environment. Given the recent situation with PrintNightmare vulnerability, everyone is on the edge and rushing to patch as soon as possible which makes this month’s patch very interesting. July 2021 Patch Tuesday fixes 117 security vulnerabilities […]