Microsoft announced the release of a micropatch that fixes a local privilege escalation (LPE) vulnerability in Windows PsExec, the operating system management tool. PsExec functions as a fully interactive TelnetRead More →
A recent report mentions that it is possible to extract the key from BitLocker, an encryption tool on Windows systems, by simply using SPI traffic. Although this attack would requireRead More →
VMware developers have confirmed that their systems were also compromised during the SolarWinds security incident. In its report, the company mentions that threat actors used their unauthorized access to injectRead More →
Valve, a video game developing company, has fixed four critical flaws on Steam, its popular online video game platform. If exploited, these vulnerabilities would allow remote threat actors to blockRead More →
A SpiderLabs researcher has published an analysis of WinZip 24 network communications in which he detected the sending of update verification requests in unencrypted HTTP format. This could allow threatRead More →
A number of firmware flaws in D-Link VPN routers could expose these devices to zero-day attacks exploitation. These vulnerabilities have not been fully fixed, so threat actors could launch rootRead More →
Cisco security teams released multiple security updates to correct newly detected authentication flaws in Cisco Security Manager, whose exploit would allow threat actors to execute malicious code on affected systems.Read More →
Cybersecurity specialists have reported finding two critical vulnerabilities in the TL-WPA4220 WiFi signal extender, developed by TP-Link. According to the report, failures allow the execution of arbitrary commands and theRead More →
Cybersecurity specialists report finding a vulnerability in GNOME Display Manager (gdm) that could allow users with reduced privileges to create elevated accounts on Ubuntu systems. Although certain requirements for theRead More →