Alerts

Yanluowang is a targeted Ransomware for multiple critical infrastructure sectors, including the hardware, information technology, software, and high-tech sectors. Yanluowang was first discovered in mid-October 2021. Yanluowang group uses to publish the data stolen from ransomware victims. Yanluowang is ransomware that encrypts (and renames) files, ends all running processes, stops services, and creates the “README.txt” […]

SAP has released security updates to address several vulnerabilities affecting multiple products. SAP also announced (2) updates to the previously released patch day security note. This month’s patch fixes several vulnerabilities affecting multiple SAP products such as SAP BusinessObjects Business Intelligence (Open Document, Monitoring DB, Commentary DB), SAP Enable Now Manager, SAP NetWeaver, and SAP

EG-FinCIRT has detected a massive phishing campaign focused on collecting credentials of financial institutions’ employees. The detected phishing campaign targets the organizations’ employees by sending a phishing email from a newly created domain to ensure they have clean records to alert the targeted users about “E-mail Storage Full” and persuade them to enter their username

Tenable Nessus has released an updated version (Nessus 8.15.6) to fix multiple vulnerabilities. The remote attacker could exploit these vulnerabilities to execute commands with administrator privileges and read arbitrary files without providing any valid SSH credentials. The most severe of the addressed vulnerability could allow the remote attacker to trick the victim to open a

Palo Alto has released security updates to address a vulnerability in Palo Alto Networks PAN-OS. The remote attacker could exploit this vulnerability to take control of the affected system. Palo Alto Networks PAN-OS is vulnerable to a denial of service, caused by a misconfiguration flaw in the URL filtering policy. The remote attacker could exploit

Zoho has addressed a new vulnerability that leads to remote code execution on multiple affected products. Multiple Zoho ManageEngine products could allow the remote authenticated attacker to execute arbitrary code on the system. The attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially-crafted request to carry out changes

Intel has released security updates to address vulnerabilities in multiple products. The attackers could exploit some of these vulnerabilities to escalate privileges, disclose information or cause denial of service. The released security updates are to address multiple products such as Intel Data Center Manager, Intel Active Management Technology (AMT) and Intel Standard Manageability, Intel® Driver

Linux kernel has released security updates to address multiple vulnerabilities. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The addressed vulnerabilities could allow the remote attacker to take control of the affected system, disclose information, gain write access to read-only memory mappings, increase their privileges on the

Adobe has released security updates to address vulnerabilities that affect Adobe Acrobat Reader products for Windows and macOS. The addressed vulnerabilities could allow the remote attacker to gain access and obtain information on the affected systems. Samples of the addressed vulnerabilities: Adobe Acrobat and Adobe Reader code execution (CVE-2022-35665): CVSS: 7.8 Attack Vector: Local Attack

Kaspersky has released a security update to address a high vulnerability that affects Kaspersky’s VPN secure connection. The attacker could exploit this vulnerability to take control of the affected systems. Kaspersky’s VPN secure connection 21.3.10.391(h) is vulnerable to a high-severity local privilege-escalation (LPE) vulnerability which would allow the attacker to gain administrative privileges and take

Red Hat, Ubuntu, and Debian released security updates to address vulnerabilities affecting multiple products. The addressed vulnerabilities could allow the remote attacker to take control of the affected system, disclose information, escalate privileges and cause a denial of service. Sample of the addressed vulnerabilities: Git client Plugin man-in-the-middle (CVE-2022-36881): CVSS: 8.1 Attack Vector: Network Attack

F5 has released security patches for August 2022 to address several vulnerabilities across multiple products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system, disclose information, escalate privileges and cause a denial of service. The addressed vulnerabilities could allow the remote authenticated attacker to take control of the

Cisco has released a security update to fix vulnerabilities across multiple products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the attackers to perform several attacks like bypassing security restrictions, cross-site scripting, frame hijacking attack, obtaining sensitive information, denial

Atlassian Jira Server and Data Center could allow the remote authenticated attacker to execute arbitrary code on the system. The remote attacker could exploit the addressed vulnerability by using a specially crafted velocity template to execute arbitrary code on the system via template injection, leading to Remote Code Execution (RCE) in the email templates feature.

Fortinet has released security updates to address several vulnerabilities in multiple products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The addressed vulnerabilities could allow the attackers to perform several attacks like executing unauthorized code or commands, improper access control, and information disclosure on the affected system.

Google Chrome has released security updates for Windows versions (104.0.5112.79/80/81) and for Linux and Mac versions (104.0.5112.79). The remote attacker could exploit some of these vulnerabilities to take control of the affected system, obtain information and cause a denial of service. Samples of the addressed vulnerabilities: Google Chrome Safe Browsing code execution (CVE-2022-2604): CVSS: 8.8