What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in Vulnerability

VMware Fixes Critical Flaw in ESXi Hypervisor

The critical and important-severity flaws were found by a team at the China-based Tiunfu Cup hacking challenge. VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a few weeks after it was found during China’s Tianfu Cup hacking competition. The use-after-free vulnerability (CVE-2020-4004) has a CVSS . . . Read more

Facebook Messenger Bug Allows Spying on Android Users

The company patched a vulnerability that could connected video and audio calls without the knowledge of the person receiving them. Facebook has patched a significant flaw in the Android version of Facebook Messenger that could have allowed attackers to spy on users and potentially identify their surroundings without them knowing. . . . Read more

APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies

Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims’ networks. China-backed APT Cicada joins the list of threat actors leveraging the Microsoft Zerologon bug to stage attacks against their targets. In this case, victims are large and well-known Japanese organizations and their subsidiaries, . . . Read more

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

Attackers can exploit the feature and send people’s data directly to remote servers, posing a privacy and security risk, researchers said. Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypasses content filters and VPNs. They say . . . Read more

Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers. Threat attackers continue to exploit the Microsoft Zerologon vulnerability, a situation that’s been a persistent worry to both the company and the U.S. government over the last few months. Both on Thursday renewed . . . Read more