CVE-2021-20226: A Reference-Counting Bug in the Linux Kernel io_uring Subsystem

CVE-2021-20226: A Reference-Counting Bug in the Linux Kernel io_uring Subsystem https://ift.tt/3dEjIyr In June 2020, we received a Linux kernel submission detailing a reference-counting bug in the recently introduced io_uring subsystem. The bug leads to a use-after-free on any file structure, which can be leveraged for privilege escalation in the kernel. This bug was submitted by […]

Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild

Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild https://ift.tt/32yRE98 Pulse Secure has alerted customers to the existence of an exploitable chain of attack against its Pulse Connect Secure (PCS) appliances. PCS provides Virtual Private Network (VPN) facilities to businesses, which use them to prevent unauthorized access to their networks and services. Cybersecurity […]

Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day

Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day https://ift.tt/32udA5z Executive Summary Mandiant recently responded to multiple security incidents involving compromises of Pulse Secure VPN appliances. This blog post examines multiple, related techniques for bypassing single and multifactor authentication on Pulse Secure VPN devices, persisting across upgrades, and maintaining access […]

NAME:WRECK: Nine DNS Vulnerabilities Found in Four Open Source TCP/IP Stacks

NAME:WRECK: Nine DNS Vulnerabilities Found in Four Open Source TCP/IP Stacks https://ift.tt/3dqPyPf Nine new DNS-related vulnerabilities have been identified across TCP/IP stacks embedded in millions of devices. Background On April 13, 2021, researchers at Forescout and JSOF published a report called NAME:WRECK. The report details the discovery of nine Domain Name System (DNS) vulnerabilities across […]

Desktop Window Manager vulnerability CVE-2021-28310 exploited ITW

Desktop Window Manager vulnerability CVE-2021-28310 exploited ITW https://ift.tt/3dfofqU Kaspersky researchers have found a zero-day vulnerability (CVE-2021-28310) in a Microsoft Windows component called Desktop Window Manager (DWM). We believe several threat actors have already exploited the vulnerability. Microsoft just released the patch, and we suggest applying it immediately. Here’s why. What is Desktop Window Manager? Pretty […]

Microsoft’s April 2021 Patch Tuesday Addresses 108 CVEs (CVE-2021-28310)

Microsoft’s April 2021 Patch Tuesday Addresses 108 CVEs (CVE-2021-28310) https://ift.tt/3wPxBkS Microsoft addresses 108 CVEs, including CVE-2021-28310—which has reportedly been exploited in the wild—as well as four new remote code execution vulnerabilities in Microsoft Exchange. Severity counts: 19 Critical, 88 Important, 1 Moderate, 0 Low. Microsoft patched 108 CVEs in the April 2021 Patch Tuesday release, including 19 CVEs rated as critical, […]

12 Microsoft Exchange Server security best practices

12 Microsoft Exchange Server security best practices https://ift.tt/2RjsLfn Microsoft Exchange Server is a widely used email server application. Many utilities, as well as supporting tools and aids, have been developed for it. Considering how important email is to any organization, maintaining a secure Exchange server is an essential activity. Zero-day vulnerabilities on Exchange Server — […]

CISA releases tool to review Microsoft 365 post-compromise activity

CISA releases tool to review Microsoft 365 post-compromise activity https://ift.tt/3s1MUn4 The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments. CISA’s new tool, dubbed Aviary, helps security teams visualize and analyze data outputs […]