Tag: 0-day

Cybersecurity

Virginia Reeling from Ransomware

1 month ago
admin

Virginia Reeling from Ransomware Virginia is fighting cyber-fires on two fronts after ransomware attacks affected both its state legislature and an agency within its executive branch.  In an attack that struck on…

Cybersecurity Cybersecurity Awareness Ransomware

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

1 month ago
admin

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score). The source of the vulnerability is Log4j,…

Cybersecurity

Security company offers Log4j 'vaccine' for systems that can't be updated immediately

1 month ago
admin

For those unable to patch the Apache Log4Shell vulnerability, cybersecurity firm Cybereason has released what they called a “fix” for the 0-day exploit. Cybereason urged people to patch their systems…

apache Cybersecurity Log4j Security Ubiquitous Vulnerability

Hackers actively exploiting 0-day in Ubiquitous Apache Log4j tool

2 months ago
admin

Apache has released Log4j version 2.15.0 to address the critical RCE vulnerability and users are urged to apply the update immediately. The Apache Foundation’s Log4j is a widely used open-source…

Cloud Security Cybersecurity Government Hacks News Vulnerabilities Web Security

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack

2 months ago
admin

The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” An excruciating, easily exploited flaw in the ubiquitous…

Cybersecurity Hacking IoT Security sonicwall VPN Vulnerability

SMA 100 flaws in SonicWall VPN expose devices to remote takeover

2 months ago
admin

If exploited, an unauthenticated, remote attacker can execute code as a “nobody user” in the device meaning attacker would get root access and gain full control of the device. SonicWall,…

Cybersecurity Vulnerabilities

FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months

2 months ago
admin

The bureau’s flash alert said an APT has been exploiting the flaw to compromise FatPipe router clustering and load balancer products to breach targets’ networks. A threat actor has been…

Cybersecurity

Security company faces backlash for waiting 12 months to disclose Palo Alto 0-day

3 months ago
admin

There has been considerable debate within the cybersecurity community about Randori, a security firm that waited one year before disclosing a critical buffer overflow bug it discovered in Palo Alto…

Cybersecurity

UK Funds Project to Teach Autistic Children Cybersecurity Skills

3 months ago
admin

UK Funds Project to Teach Autistic Children Cybersecurity Skills A program set up to teach cybersecurity skills to autistic and neurodiverse young people in the United Kingdom has received a…

Cybersecurity

Microsoft: Patch Zoho Bug Now to Stop Chinese Hackers

3 months ago
admin

Microsoft: Patch Zoho Bug Now to Stop Chinese Hackers Microsoft has warned that Chinese actors are actively exploiting a known Zoho vulnerability to target defense, education, consulting and IT sector…