Archive for the ‘remote code execution’ Category

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions

March 23rd, 2020
Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers. According to Microsoft, both unpatched flaws are being used in limited, targeted attacks and impact all supported versions of the Windows operating system—including Windows 10, 8.1

Posted in hack windows 10, remote code execution, windows font, windows updates, windows Vulnerability, Zero-Day Vulnerability | Comments (0)

Warning — Unpatched Critical ‘Wormable’ Windows SMBv3 Flaw Disclosed

March 11th, 2020
Shortly after releasing its monthly batch of security updates, Microsoft late yesterday separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Server Message Block 3.0 (SMBv3) network communication protocol. It appears Microsoft originally planned to fix the flaw as part of its March 2020 Patch Tuesday update only,

Posted in cyber security, remote code execution, smb vulnerability, smb worm, windows security, windows updates, wormable exploit | Comments (0)

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

February 28th, 2020
If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions (9.x/8.x/7.x/6.x) of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity (CVSS 9.8) 'file read and inclusion bug'

Posted in Apache, Apache exploit, Apache Tomcat, hacking news, local file inclusion, remote code execution, remote file inclusion, server security, server vulnerability, Tomcat Server | Comments (0)

Install Latest Chrome Update to Patch 0-Day Bug Under Active Attacks

February 25th, 2020
Google yesterday released a new critical software update for its Chrome web browser for desktops that will be rolled out to Windows, Mac, and Linux users over the next few days. The latest Chrome 80.0.3987.122 includes security fixes for three new vulnerabilities, all of which have been marked 'HIGH' in severity, including one that (CVE-2020-6418) has been reportedly exploited in the wild.

Posted in chrome, Chrome vulnerability, cyber security, Google Chrome, remote code execution, Vulnerability | Comments (0)

New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers

February 25th, 2020
OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems. OpenSMTPD, also known as OpenBSD SMTP Server, is an open-source implementation of the Simple Mail Transfer Protocol (SMTP) to deliver messages on a local machine or to relay them to other SMTP servers.

Posted in cyber security, email server, linux, OpenBSD, OpenSMTPD, remote code execution, server security, Vulnerability | Comments (0)

Update Microsoft Windows Systems to Patch 99 New Security Flaws

February 11th, 2020
A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. According to the advisories, 12 of the total issues patched by the tech giant this month are critical in severity, and the remaining 87 have been listed as important. Five of the

Posted in download software update, Download Windows Update, Microsoft Patch Tuesday, patch tuesday, remote code execution, windows updates | Comments (0)

5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

February 5th, 2020
Several Cisco-manufactured network equipments have been found vulnerable to five new security vulnerabilities that could allow hackers to take complete control over them, and subsequently, over the enterprise networks they power. Four of the five high-severity bugs are remote code execution issues affecting Cisco routers, switches, and IP cameras, whereas the fifth vulnerability is a

Posted in Cisco, cisco certification, cisco firewall, cisco networking devices, Cisco Router, cisco switch, network hacking, network security, remote code execution, Vulnerability | Comments (0)

Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers

January 30th, 2020
Cybersecurity researchers at Check Point today disclosed details of two recently patched potentially dangerous vulnerabilities in Microsoft Azure services that, if exploited, could have allowed hackers to target several businesses that run their web and mobile apps on Azure. Azure App Service is a fully-managed integrated service that enables users to create web and mobile apps for any

Posted in Azure Cloud, Cloud computing, Cloud security, cloud server, cyber security, microsoft, Microsoft Azure, remote code execution, server security, Vulnerability | Comments (0)

PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability

January 11th, 2020
It's now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC

Posted in Citrix Gateway, citrix software, Cyber Attack, exploit code, Proof of Concept, remote code execution, server security | Comments (0)