Flash Notices (18)

Flash Notice: Large Scale Phishing Attack Targeting Microsoft Email Servers

A large-scale phishing campaign disclosed this week is primarily targeting corporate enterprise users of Microsoft email servers.

Flash Notice: Atlassian Confluence Critical Hardcoded Password Vulnerability Under Active Exploitation

A hardcoded credentials vulnerability was found by Atlassian last week in the Questions for Confluence app and is under active exploitation.

Flash Notice: [CVE-2022-22047] Microsoft Zero-Day Actively Exploited, Impacting Server & Client Windows Platforms

A zero-day, local privilege escalation vulnerability was found in the latest Widows 11 & Windows Server 2022 releases. It's being tracked as CVE-2022-22047

Flash Notice: New Ransomware Family, HavanaCrypt, Disguises Itself as Fake Google Update

Researchers at Trend Micro discovered a new ransomware family that’s being delivered as a fake Google software update - HavanaCrypt.

Flash Notice: [CVE-2022-29499] Critical Zero-Day Vulnerability Found in Mitel VoIP Appliance

A ransomware attack was deployed against an unnamed mark using Mitel’s VoIP appliance as an entry point. CVE-2022-29499 is actively being used in the wild

Flash Notice: Critical Confluence Zero-Day Vulnerability Exploited by Attackers

A critical unpatched remote code execution vulnerability (CVE-2022-26134) was found in Atlassian’s Confluence Server and Data Center products.

Flash Notice: "Follina" a Microsoft Office Zero-Day RCE Vulnerability

Over the holiday weekend, a Windows/Office zero-day vulnerability, given the name Follina, was discovered and found to be exploited in the wild.

Flash Notice: VMWare Vulnerabilities Found in Multiple Products

5/19/22 - VMware issued patches for security flaws CVE-2022-22972 & CVE-2022-22973 found in Workspace ONE Access, Identity Manager, + vRealize Automation.

Flash Notice: [CVE-2022-1388] Critical Remote Code Execution Vulnerability Found in F5's BIG-IP Systems

A critical vulnerability (CVE-2022-1388) was found in F5’s BIG-IP systems last week and is now being exploited in the wild.

Flash Notice: Critical RCE Vulnerability Found in VMware Workspace ONE Access & Identity Manager

Threat actors are currently exploiting an RCE vulnerability due to a server-side template injection in VMware Workspace ONE Access and Identity Manager.

Prev 16 17 18 19 20 Next