Microsoft Critical Patches November
To start we have exchange bugs listed as under active attack since September patched. – CVE-2022-41082 – Microsoft Exchange Server
Read more
Risk
Critical Exchange Remote Code Execution
The attackers are chaining the pair of zero-days to deploy Chinese Chopper web shells on compromised servers for persistence and data
Read more
Critical RCE Confluence Server CVE-2022-26134
Here are again, Atlassian has made us all aware of the current active exploitation of a critical severity unauthenticated remote
Read more
Follina in the Wild
Summary Microsoft published guidance for a vulnerability impacting the Microsoft Support Diagnostic Tool (MSDT). This vulnerability is also known as
Read more
VMware Threats being Exploited in the Wild
Summary CISA issued a warning today that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and
Read more
Sonicwall Unauthenticated Access Exploitation
We encourage all users of SonicWall appliances to review patch strategy and address this immediately. Edge appliances have been used
Read more
Risk Authentication failures from Patch Tuesday
CISA has issues bulletin where it is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication
Read more
Patch Tuesday, May 2022
May 2022 Patch Tuesday update, including an important-rated zero-day bug that’s being actively exploited in the wild and several that
Read more
F5 Security Advisory CVE-2022-1388 Update
Summary F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to
Read more
Avaya Aruba Critical RCE
Security researchers have discovered five vulnerabilities in network equipment from Aruba (owned by HP) and Avaya (owned by ExtremeNetworks), that
Read more