Microsoft's monthly Patch Tuesday already occurred this month, so you know what that means - more disclosed vulnerabilities. This iteration of patches included fixes for a combined 70 vulnerabilities, including one zero-day. Thankfully, none of these fall into Microsoft’s “critical” category. However, there are four Elevation of Privilege vulnerabilities targeting the Windows … [Read more...]
Critical RCE Vulnerability in Log4J2
[Updated 13-12-2021: Additional information for WatchGuard customers] On Thursday, security researchers disclosed a critical, unauthenticated remote code execution (RCE) vulnerability in log4j2, a popular and widely used logging library for java applications. CVE-2021-44228 is a full 10.0 on the CVSS vulnerability scoring system due to a combination of how trivial the exploit … [Read more...]
Exchange Server Vulnerabilities Actively Exploited in the Wild
(Updated 03/10/2021 to include defensive tips) As the cybersecurity community continues to reel with the sweeping effects of the SolarWinds attack, the Microsoft Threat Intelligence Center (MSTIC) has released information about another widespread campaign targeting Exchange servers. It has been found that a state-sponsored threat actor operating out of China, which they are … [Read more...]
Critical Microsoft DNS Server Vulnerability – SIGRRed
If you already had plans to test and roll out the various Microsoft Windows and Server updates that came out today as a part of Microsoft’s Patch Tuesday, you probably want to move a bit quicker. Among the various bug fixes are a series of patches for a critical “wormable” vulnerability in Windows DNS Server, affecting all Windows Server versions dating back to Server 2003 … [Read more...]
Additional WPA3 Dragonblood Vulnerabilities
The same security researchers that disclosed the initial five WPA3 vulnerabilities (referred to as Dragonblood) earlier this year in April, have recently disclosed two additional WPA3 vulnerabilities. Just like the initial five Dragonblood vulnerabilities, these two new ones allow attackers to either downgrade or bypass WPA3 encryption protected networks via brute force … [Read more...]