The issue was identified in the XStream open-source library used by Cloud Foundation and scored 9.8 out of 10 on the CVSS vulnerability rating scale.
By the way, we also said that Some Versions of VMware Carbon Black Cause BSODs on Windows.
The vulnerability, which received the identifier CVE-2021-39144, was discovered by experts from Source Incite and can lead to remote execution of arbitrary code without requiring authentication and any user interaction. The developers also warn that the operation of the bug difficult is not difficult at [...]
We also wrote that Some Versions of VMware Carbon Black Cause BSODs on Windows.
Let me remind you that the CVE-2022-22954 vulnerability is associated with remote arbitrary code execution and affects VMware Workspace ONE Access. The bug scored 9.8 out of 10 on the CVSS vulnerability rating scale, and VMware discovered and fixed the issue on April 6 this year. However, the attackers reversed this fix and within 48 hours created an exploit, which was then used to compromise yet unpatched servers.
Let me remind you that we also wrote that Hackers leaked credentials of 500,000 Fortinet VPN accounts to the public.
Fortinet developers reported a critical vulnerability in their products earlier this week, and released patches for a dangerous problem that was already under attack at that time.Authentication bypass using alternative path or channel [CWE-88] in FortiOS and FortiProxy allows [...]
Let me remind you that we also reported that Microsoft Defender Mistakenly Saw a Threat in Chrome and Electron Apps, and also that Experts Found Long-Standing Bugs in Avast and AVG Antiviruses.
Last Wednesday, social networks received an avalanche of complaints from users of Malwarebytes antivirus who could not log into Google sites, YouTube, or use services such as G Suite, Gmail or the Google Play Store. At the same time, [...]
Let me remind you that we also wrote that Apple Introduces Lockdown Mode to Protect against Spying.
The device is based on the Raspberry Pi 4 Model B, but in the future, they want to make it look like a regular USB flash drive.
The gadget and the process of its creation are described in detail in a document published on ArXiv. The authors of the development note that remote “spy” attacks are becoming more and more [...]
Let me remind you that we also said that Microsoft Defender Scanner for Log4j Problems finds non-existent bugs, and also that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.
The problem of false positives manifested itself last weekend, after the release of signature update 1.373.1508.0. This update includes two new threats, including the already mentioned Win32/Hive.ZY. Microsoft writes that this is a universal identifier for suspicious behavior, which will [...]
Carbon Black, acquired by the company in 2019, is a suite of cloud-based endpoint security tools “aimed at strengthening corporate cybersecurity.”
Let me remind you that we also wrote that Much of the Cybersecurity Budget Is Wasted.
The root of the problem affecting many companies lies in the rule set deployed on August 23, 2022 for Carbon Black Cloud Sensor versions 18.104.22.1689 – 22.214.171.1248. This update causes devices to crash and cause a Blue [...]
Let me remind you that we also wrote that Grouping LockBit Announced the Hacking of the Information Security Company Mandiant, and also that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.
The Entrust hack became known back in June 2022. Then Bleeping Computer reported that the company suffered from te ransomware attack, during which data was stolen from its systems. Representatives of Entrust confirmed to reporters the fact of hacking, but did not provide any details of [...]
Let me remind you that we also said that Zloader Trojan Disables Microsoft Defender on Victims’ Systems.
The researchers remind that Secure Boot is part of the UEFI specification and is designed to protect the OS boot process so that only trusted code signed with a special certificate is executed within it.
Experts write that three Microsoft-approved UEFI bootloaders at once had vulnerabilities that allowed them to bypass Secure Boot and execute unsigned [...]
Let me remind you that we also reported that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.
Wardle cited his OverSight tool as an example. This tool, offered for free by the Objective-See Foundation, allows users to control the microphone and webcam on a Mac, alerting them each time the microphone is [...]