Announcements

Microsoft October 2022 Patch Tuesday

Microsoft has released its monthly patch of security updates, known as Patch Tuesday, which fixes two zero-day vulnerabilities, one actively exploited in attacks and one publicly disclosed. Microsoft has fixed (84) vulnerabilities (not including Microsoft Edge vulnerabilities), with (13) classified as Critical as they allow privilege elevation, spoofing, or remote code execution. October’s Patch Tuesday […]

Fortinet Released Security Updates – 10 October 2022

Fortinet has released security updates to address multiple vulnerabilities across multiple products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The highest severity of the addressed vulnerabilities could allow the attacker to execute arbitrary commands in the underlying shell due to multiple improper neutralization of special elements

Trend Micro Released Security Updates – 09 October 2022

Trend Micro has released a new critical patch to address several vulnerabilities in Trend Micro Apex One SP1 and Apex One SaaS. The released security updates resolve several vulnerabilities having severity ratings from medium to critical. The remote attacker could exploit some of these vulnerabilities to gain privileged access to the affected system. Samples of the

Fortinet Released Security Updates – 09 October 2022

Fortinet has released security patches to fix a critical authentication bypass vulnerability across multiple products. The mentioned vulnerability could allow the remote attacker to bypass security restrictions by sending specially crafted HTTP or HTTPS requests to log into unpatched devices and perform operations on the administrative interface. Fortinet FortiOS and Fortinet FortiProxy security bypass (CVE-2022-40684): •

Microsoft Exchange Zero-Day Actively Exploited in Attacks

Security researchers have detected Microsoft Exchange zero-day vulnerabilities allowing for remote code execution. These vulnerabilities are so critical that they enable the attackers to perform RCE on the compromised systems when PowerShell is accessible. Microsoft has identified two zero-day vulnerabilities, CVE-2022-41040 (Server Side Request Forgery (SSRF)) and CVE-2022-41082 (Remote Code Execution (RCE)), affecting Microsoft Exchange Server

VMware Security Update – 24 August 2022

VMware has released a security update to address a vulnerability in VMware Tools. VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. The addressed vulnerability could allow the local non-administrative attacker to escalate privileges as a root user in the virtual machine. The addressed vulnerability: VMware Tools Local Privilege Escalation Vulnerability (CVE-2022-31676):

FormBook Malware

FormBook is a data stealer and form grabber that was first advertised on HackForums in early 2016. The malware is associated with APT36, TEMP.Splinter and UNC2589 threat actors which target Financial Services. FormBook is a self-extracting RAR file that starts an AutoIt loader. The AutoIt loader compiles and runs an AutoIt script. The script decrypts

Zoom Security Updates – 14 August 2022

Zoom has released security updates to fix vulnerabilities across multiple products on Windows and macOS. The remote attacker could exploit these vulnerabilities to gain access, escalate privileges, and bypass security controls. Sample of the addressed vulnerabilities: Zoom Client for Meetings and VDI Windows Meeting Clients code execution (CVE-2022-28755): CVSS: 9.6 Attack Vector: Network Attack Complexity:

Microsoft August 2022 Patch Tuesday

Microsoft has released its monthly patch of security updates, known as Patch Tuesday, which fixes two zero-day vulnerabilities, one actively exploited known as “DogWalk”, and several critical Exchange vulnerabilities. Microsoft has fixed (121) vulnerabilities (not including Microsoft Edge vulnerabilities), with (17) classified as Critical as they allow remote code execution or elevation of privileges. August

RedLine Stealer Malware 04 August 2022

RedLine Stealer is a malicious program that collects users’ confidential data from browsers, systems, and installed software. It also infects operating systems with other malware. RedLine Stealer is a malware-as-a-service credential stealer targeting Windows operating systems, with the capability of stealing credentials from web browsers, files, and FTP applications. RedLine also collects extensive

VMware Releases Security Updates 3 August 2022

VMware has released a security advisory to address critical vulnerabilities which affect multiple VMware products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The addressed vulnerabilities could allow the attackers to perform several attacks like bypassing security restrictions, redirecting a victim to arbitrary websites, directory traversal, cross-site

Adobe Security Updates

Adobe has released security updates to address vulnerabilities affecting Adobe Acrobat and Reader. The remote attacker could exploit these vulnerabilities to gain access and disclose information on the affected system. The security updates address vulnerabilities in the following products: Acrobat DC, Acrobat Reader DC, Acrobat 2020, Acrobat Reader 2020, Acrobat 2017, and Acrobat Reader 2017. Sample
