Security Advisories & Alerts

CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution

Description: The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. Impacted Products:VMware vCenter Server (vCenter...

Read More


NOBELIUM Cyberattack : New sophisticated email-based attack

Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and tracked by Microsoft since January 2021, evolved over a series of waves demonstrating significant experimentation. On May 25, 2021, the campaign escalated as NOBELIUM leveraged the...

Read More


A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Arbitrary Code Execution

DESCRIPTION:A vulnerability has been discovered in Microsoft Windows JET DatabaseEngine that could allow for arbitrary code execution. Microsoft WindowsJET Database Engine provides data access to various applications such asMicrosoft Access, Microsoft Visual Basic, and third-party applications.Successful exploitation of this vulnerability could result in arbitrarycode execution within the context of the application, an attackergaining the same privileges as the logged-on user, or the bypassing ofsecurity restrictions....

Read More


Cybersecurity Threat Alerts – Zeppelin Ransomware

Zeppelin ransomware is also referred to as Buran and has its origin in the Vega/VegaLocker family, a Delphi-based ransomware-as-a-service (RaaS).According to researcher Vitali Kremez, Zeppelin binaries are generated via a GUI wizard by affiliates who then distribute the malware in exchange for revenue sharing. Vega samples were first discovered in the beginning of 2019, being distributed alongside other widespread financial malware as part of a...

Read More


Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Acrobat and Reader is a family of application software and Webservices mainly used to create, view, and edit PDF documents.* Animate is a multimedia authoring computer animation program.* Experience Manager is a content management solution for buildingwebsites, mobile apps, and forms.* InCopy is a professional word...

Read More


Page 26 of 130« First...1020...2425262728...405060...Last »