The issue was identified in the XStream open-source library used by Cloud Foundation and scored 9.8 out of 10 on the CVSS vulnerability rating scale.
By the way, we also said that Some Versions of VMware Carbon Black Cause BSODs on Windows.
The vulnerability, which received the identifier CVE-2021-39144, was discovered by experts from Source Incite and can lead to remote execution of arbitrary code without requiring authentication or any user interaction. The developers also warn that exploitation of the bug is not difficult at [...]
Let me remind you that we also wrote that Hackers leaked credentials of 500,000 Fortinet VPN accounts to the public.
Fortinet developers reported a critical vulnerability in their products earlier this week, and released patches for a dangerous problem that was already under attack at that time. Authentication bypass using alternative path or channel [CWE-88] in FortiOS and FortiProxy allows [...]
Worms are the most destructive force in the field of information security, bringing multi-million-dollar damage to companies. Despite this, there are viruses that are beneficial. Hopper is such a virus.
Let me remind you that we also reported that The New AI system thatDot Novelty Detector Speeds Up Detecting of Malicious Activity.
Detection tools are not good at detecting non-exploit-based distribution, which is what worms do best. Most information security solutions are less resistant to worm attack methods, such as the use of an impersonation token [...]
The issue poses a threat to 64-bit systems with Intel AVX-512 (Advanced Vector Extensions 512) support, but not all experts agree that this issue should be treated as a vulnerability at all.
Let me remind you that we also wrote that Experts Found Long-Standing Bugs in Avast and AVG Antiviruses.
It all started when the new version of OpenSSL, released last week, addressed a command injection vulnerability (CVE-2022-2068) that the previous patch (CVE-2022-1292) had not completely fixed.
Alas, it turned out that this time the [...]
Let me remind you that in March 2022, a patch was released for the CVE-2022-1040 vulnerability, which was rated as critical on the CVSS scale (9.8 points out of 10 possible). At the time, it was reported that the bug allows remote attackers to bypass authentication through the firewall’s user portal or through the web admin panel and then execute arbitrary code.
The vulnerability was originally discovered by an anonymous researcher who [...]
The researchers say that the bug was discovered a year ago, in April 2021, but Google, which owns VirusTotal, only recently gave permission to publish information about the vulnerability. "After a deep security research by Cysource research team led by Shai Alfasi & Marlon Fabiano da Silva, we found a way to execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource experts said.
Let me remind [...]