Over the past few months, the cybersecurity world was at buzz due to the infamous WannaCry ransomware attack. The attack was launched on a massive scale. The campaign started after the disclosure of NSA exploit leak by a hacker group called Shadow Brokers. Taking advantage of unpatched systems all over the globe, the attack spread […]
The Microsoft Windows SMB (Server Message Block) is being actively exploited in the wild, post the Shadow Brokers (TSB) leak in April 2017. According to Microsoft’s blog, the exploits were already covered in previously released security bulletins. The Shadow Broker exploits named ‘EternalBlue’ and ‘EternalRomance’ and ‘EternalSynergy’ are addressed by Microsoft in security bulletin MS17-010. […]
The newly discovered zero-day vulnerability (CVE-2017-0199) in Microsoft Office/WordPad is being actively exploited in the wild. Almost all Microsoft Office versions are affected with this bug. To fix this vulnerability, Microsoft released a security update on April 11, 2017. Vulnerable Versions According to Microsoft, the following are the affected products (past support life cycle products […]
Update: The incident has been taken care of by Cosmos Bank and its website (URL) is now clean and safe to use. Compromising popular websites has become a common strategy for attackers to spread infection in a widespread fashion. Attackers exploit unpatched vulnerabilities present on web servers in order to compromise websites. In addition to this, […]
The well-known open source web application framework Apache Struts 2 is being actively exploited in the wild allowing hackers to launch a remote code execution attack. To address this issue, Apache has issued a security advisory and CVE-2017-5638 has been assigned to it. The zero-day bug has been rated with the highest severity rating ‘High’. […]
On March 13, 2012, Microsoft disclosed the details of a ‘critical vulnerability’ called Remote Desktop Protocol Vulnerability – CVE-2012-0002 in its bulletin. And even four years after this vulnerability was patched, it is still being exploited in the wild by attackers to carry out ‘Remote Code Execution’ on their victims computers. Affected Operating Systems: Microsoft […]
