-
News for August 4, 2022
Kaspersky VPN Vulnerabilityby Artie Kaye A bug found in VPN Secure Connection released by Kaspersky has been made public. The bug functions as a local privilege-escalation which could give an attacker control over your machine. It is currently not seeing exploitation in the wild, but that typically changes soon after reports are made. If you…
-
News for August 3, 2022
Phishing Scam Targets Microsoft Email Usersby Artie Kaye A new phishing scam is making use of Microsoft’s mail system to target businesses. A link will be sent to a user, if clicked it will look official. The attacks utilize adversary-in-the-middle (AiTM.) This means that the data sent from the user travels through the hands of…
-
Cisco Patches Critical Router Bug
by Artie Kaye A couple of flaws patched by Cisco could allow attackers to gain root access to the affected devices. This could allow them to execute code remotely or create a denial of service to the network served by the router. There is no workaround for the exploit and patching is the only preventative…
-
DrayTek Routers Vulnerable to Complete Takeover
by Artie Kaye Affecting over 200,000 devices, this exploit is caused by a logic bug in the login system, which can allow an attacker to bypass all security and gain full control over the device. The routers in question are typically employed in small to medium businesses for VPN access. There are 29 models of…
-
VMware Urgent Patch
by Artie Kaye A critical vulnerability was discovered and has a patch available for many of VMware’s products. The affected programs and versions are below: VMware Workspace ONE Access Appliance 21.08.0.1 VMware Workspace ONE Access Appliance 21.08.0.0 VMware Identity Manager Appliance & Connector 3.3.6 VMware Identity Manager Appliance & Connector 3.3.5 VMware Identity Manager Appliance…