Posted inSecurity
PaloAlto ZeroDay Exploit.
Researchers have identified an exploit in PaloAlto devices which allows for unauthenticated RCE and affects about an estimated count of 70,000+ VPN/firewalls. Tracked as CVE 2021-3064 and scoring a CVSS…
Microsoft Exchange ZeroDay. RCE Exploit Fix – November 2021
Microsoft has released security updates as a part of this month Patch Tuesday and it has a Zero Day exploits in Exchange Server, those vulnerabilities found in: Exchange Server 2013Exchange…
Posted inSecurity
Microsoft Patch Tuesday November 2021
Microsoft patched 55 CVEs in the November 2021 Patch Tuesday release, including six rated as critical, and 49 rated as important. KB5007186 has arrived for Windows 10 21H1, 20H2, and…
Another Zero Day in Google Chrome !
Google released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers actively exploited. Google is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in nature,…
New Windows Privilege Escalation Zero Day Haunts
A new Windows zero-day elevation of privilege vulnerability emerged with a public proof of concept (PoC) exploit that grants SYSTEM privileges under certain conditions. The only safe point as of…
BillQuick ZeroDay Deploys Ransomware
At least one hacking group is exploiting a security flaw in a popular billing software suite to gain initial access, take over servers, and then deploy ransomware inside companies’ networks.…
Zerodium Looking for VPN Zero Days
Zerodium an exploit purchase agency announced that it’s looking to buy zero-day exploits targeting popular VPN software. Specifically wants to acquire exploits that work against the Windows versions of the…
Mystery Snail 🐌 Exploited in Wild
Chinese hackers have attacking using a zero-day elevation-of-privilege exploit. An APT group exploited a zero-day vulnerability in the Windows Win32k kernel driver to develop a new RAT trojan. This exploit…