On Wednesday, July 20, 2022, Cisco disclosed a critical severity vulnerability – CVE-2022-20857 – impacting Cisco Nexus Dashboard, an integrated dashboard used for visibility and
On Wednesday, July 20, 2022, Atlassian released patches to remediate two critical vulnerabilities (CVE-2022-26136 and CVE-2022-26137) that impact how Atlassian products implement Servlet Filters and
On Wednesday, June 29, 2022, Horizon3.ai published a proof-of-concept (PoC) exploit that targets CVE-2022-28219, a critical attack chain that includes unauthenticated XML External Entities (XXE),
On Tuesday, June 14, 2022, Citrix released patches for multiple vulnerabilities, including CVE-2022-27511, an unauthenticated remote privilege escalation vulnerability affecting Citrix Application Delivery Management (ADM).
On Friday, May 27, Security vendor nao_sec identified a malicious document leveraging a zero-day RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The
On Friday, May 27, Security vendor nao_sec identified a malicious document leveraging a zero-day RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The
On Friday, May 27, 2022, Security vendor nao_sec identified a malicious document leveraging a zero-day remote code execution RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support
On Wednesday, May 18, 2022, VMware published an advisory (VMSA-2022-0014) to address multiple vulnerabilities, including CVE-2022-22972, an authentication bypass vulnerability affecting VMware Workspace ONE Access,
On Thursday, May 12, 2022, Zyxel released a patch advisory for an unauthenticated remote code execution (RCE) vulnerability in their line of Firewall products tracked
Background on CVE-2022-26923 On Tuesday, May 10, 2022, security researcher Oliver Lyak published a PoC exploit for CVE- 2022-26923, a privilege escalation vulnerability impacting Active Directory
CVE-2022-29464 Summary Over the past week, threat actors have started scanning for and opportunistically exploiting CVE-2022-29464–a remote code execution vulnerability in multiple WSO2 products used
April Patch Tuesday brings 145 vulnerability fixes from Microsoft — the highest number in 19 months—including CVE-2022-26809, a critical remote code execution (RCE) vulnerability in
On Monday, April 11, 2022, NGINX published a security blog post detailing three vulnerabilities in the NGINX LDAP reference implementation. NGINX is web server software
On Wednesday, April 6, 2022, VMware disclosed several critical-severity vulnerabilities impacting multiple VMware products. If successfully exploited, the vulnerabilities could lead to Remote Code Execution
On Thursday, March 31, 2022, GitLab released an advisory for a critical password security vulnerability in GitLab Community and Enterprise products tracked as CVE-2022-1162. GitLab
April 2, 2022 Update: Arctic Wolf Releases Open Source Spring4Shell Deep Scan Tool to Support the Security Community Today Arctic Wolf is making “Spring4Shell Deep
CVE-2022-1040 and CVE-2022-22247 are two recent vulnerabilities that have been discovered in two different Firewall products. This blog post will cover both the Sophos Firewall
Background On Monday, March 21, 2022, Okta, an enterprise identity and access management firm, launched an inquiry after the Lapsus$ hacking group posted screenshots on
Background In April 2021, CVE-2022-0847 was discovered by security researcher Max Kellermann; it took another few months for him to figure out what was happening.
Background On Tuesday, February 8, 2022, SAP patched a critical memory corruption vulnerability (CVE-2022-22536) in the SAP Internet Communication Manager (ICM) component that could lead
Background On Monday, January 31, 2022, Samba released an advisory for remote code execution vulnerability CVE-2021-44142. All versions of Samba prior to 4.13.17 are vulnerable
On Monday, January 17, 2022, ManageEngine released security patches to address CVE-2021-44757–a critical authentication bypass vulnerability in Desktop Central and Desktop Central MSP that could
December 20 Update: Arctic Wolf Provides Video Walkthrough of Log4Shell Deep Scan Tool In this short six-minute video, Arctic Wolf provides an update on the
After successful deployment to Arctic Wolf’s customer community of more than 2,300 organizations worldwide, today we are making “Log4Shell Deep Scan” publicly available on GitHub. Log4Shell Deep Scan enables detection of both CVE-2021-45046 and CVE-2021-44228 within
Background On Thursday, December 2, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and Federal Bureau of Investigations (FBI) reported a new campaign targeting ManageEngine
Background On Friday, December 3, 2021, ManageEngine released a patch advisory for CVE-2021-44515, an authentication bypass vulnerability affecting Desktop Central Enterprise and MSP versions. Desktop
Background On Tuesday, November 9, 2021, Microsoft released patches for two actively exploited vulnerabilities, CVE-2021-42321 in Microsoft Exchange, and CVE-2021-42292 in Microsoft Excel. CVE ID
Background Security researchers at Microsoft and Palo Alto Networks are reporting a new campaign targeting ManageEngine ADSelfService Plus servers that are vulnerable to CVE-2021-40539. Microsoft
Background Security researchers have observed a significant shift in tactics from the Magnitude Exploit Kit (EK) this week with the addition of exploits for Chromium-based
Background On Tuesday, October 5, 2021, Apache released a patch advisory for CVE-2021-41773, a path traversal, and file disclosure vulnerability affecting Apache HTTP Server version
