Microsoft experts have discovered a new Prestige ransomware that is being used to attack transport and logistics organizations in Poland and Ukraine. the researchers have not yet linked Prestige activity to specific attackers...
Author - Emma Davis
Last Year’s Vulnerability in VMware vCenter Server Is Still Unpatched
VMware has warned customers that the latest version of vCenter Server 8.0 is still awaiting a fix for a privilege escalation vulnerability that was discovered in November 2021. in the IWA (Integrated Windows Authentication)...
Phishing Platform Caffeine Targets Russian and Chinese Services
Mandiant has discovered a new Phishing-as-a-Service (PHaaS) Caffeine phishing platform. Interestingly, here new clients do not require invitations or referrals to connect, and they do not need to get administrator approval or...
Fortinet Informs Customers about a Critical Vulnerability
Fortinet developers have warned administrators to urgently update their FortiGate firewalls, FortiProxy Web Proxy, and FortiSwitch Manager (FSWM) to the latest versions tha fix a critical vulnerability in the company’s...
Microsoft Fixed More Than 80 Vulnerabilities, but There Are Still No Patches for ProxyNotShell
Microsoft developers released October patches for their products: in total, more than 80 vulnerabilities were fixed this month, including bugs that hackers actively use. However, there are still no patches for recent issues in...
An Unpatched Vulnerability in Zimbra Is Already under Attack
Experts warn: an unpatched vulnerability in the Zimbra Collaboration Suite (ZCS), which received 9.8 points on the CVSS vulnerability rating scale, is already under attack, as users wrote about back in September. me remind you...
US Authorities List Vulnerabilities That Chinese Hackers Attack
Specialists from the Cybersecurity and Infrastructure Protection Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) have disclosed data on vulnerabilities that Chinese hackers mostly...
Microsoft Updated Recommendations for Protecting against ProxyNotShell Vulnerabilities
Microsoft engineers have updated their recommendations for protecting against 0-day vulnerabilities in Exchange (CVE-2022-41040 and CVE-2022-41082), which are known as ProxyNotShell. The problem is that there are still no patches...
Packagist Developers Patched a Vulnerability That Opened the Door to Attacks on the Supply Chain
The developers of a major PHP package repository, Packagist, have announced that they have fixed a serious vulnerability that allowed injecting commands. The issue could have been used to stage supply chain attacks targeting the...
PoC Exploit for PlayStation 5 Appeared, but It Works Only in 30% of Cases
Renowned console hacker and exploit developer SpecterDev has released a PoC exploit for the PlayStation 5 that can be used to gain root privileges and read/write access to large areas of system memory. to say, the exploit cannot...