Exploit Broker Zerodium Increasing Focus on VPNs The exploit broker Zerodium announced they are seeking exploits for ExpressVPN, NordVPN, and Surfshark VPNs. VPNs are becoming a more lucrative target. Zerodium’s announcement has brought attention to that. Many use VPNs because they believe it protects their privacy. However, it also puts the responsibility of that … [Read more...]
SharePoint Suffers from XSS and Information Disclosure Flaws
Summary: These vulnerabilities affect: SharePoint Server, Groove Server, Office Web Apps, and InfoPath 2010, which are all part of Microsoft's Office family products How an attacker exploits them: Multiple vectors of attack, including luring your users to a malicious link, or by visiting a specific address on a vulnerable server Impact: In the worst case, an attacker can … [Read more...]
Four Updates Repair Office and Server Software Vulnerabilities
Severity: High Summary: These vulnerabilities affect: Microsoft Office related products, including Word, Works, Sharepoint, InfoPack, Communicator, Lync, Groove, and more How an attacker exploits them: Multiple vectors of attack, including enticing users to click specially crafted links, or to open specially crafted documents Impact: In the worst case, an attacker can gain … [Read more...]