December 22, 2021 – TheCyberThrone

Log4j-Scanner From CISA

The CISA has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution vulnerabilities, tracked as CVE-2021-44228 and CVE-2021-45046 & CVE-2021-45105 log4j-scanner is a…

PravinKarthik December 22, 2021

Security

China Suspends Alibaba Over Log4j

China’s Ministry of Industry and Information Technology temporarily suspend its collaboration with Alibaba Cloud as a cyber threat intelligence partner due to the fact that the company did not inform…

PravinKarthik December 22, 2021

FormBook Malware Bypasses Microsoft Patch

Researchers have detected the use of a novel exploit able to bypass a patch for a critical vulnerability CVE-2021-40444 affecting the Microsoft Office file format. The attackers took a publicly…

PravinKarthik December 22, 2021

Abcbot hits Chinese Cloud Providers

Security researchers discovered a new botnet, named Abcbot, that focused on Chinese cloud hosting providers Alibaba Cloud, Baidu, Tencent, and Huawei Cloud. The Abcbot botnet that was targeting Linux systems…

PravinKarthik December 22, 2021

Security

Google Fixes Site isolation Bug in Chrome

Google Chrome has a set of features to speed up the page loading. Bug was discovered that allows attackers to bypass the browser’s Site Isolation feature. Chrome uses Same Origin…

PravinKarthik December 22, 2021

AIOSEO WordPress Plugin Flaw

Two critical and high severity security vulnerabilities in "All in One" SEO WordPress plugin exposed over 3 million websites to takeover attacks. A critical Authenticated Privilege Escalation bug (CVE-2021-25036) and…

PravinKarthik December 22, 2021