FORCEDENTRY ZERO-DAY VULNERABILITY

Priority: Critical

Executive Summary: Citizen Lab has discovered a zero-day, zero-click exploit against Apple’s iMessage. The exploit, tracked as ForcedEntry (CVE-2021-30860), was identified by Citizen Lab and immediately reported to Apple, which released a fix to patch all OS, iOS and watchOS devices. Citizen Lab claims that a Saudi activist was infected with the […]

MICROSOFT MSHTML ZERO-DAY VULNERABILITY

Priority: Critical

Executive Summary: Microsoft has reported a zero-day vulnerability in MSHTML affecting Microsoft Windows, with users targeted to download a malicious Microsoft Office document. A proof-of-concept has been released to the public, and Microsoft is advising administrators to enforce a workaround until an official Microsoft patch is released. This is being tracked as CVE-2021-40444. The vulnerability […]

KASEYA REVIL RANSOMWARE EXPLOIT

Priority: Critical

Executive Summary: The Kaseya VSA IT management and patching platform has been compromised and used by the Russia-based “ransomware-as-a-service” group REvil (aka Sodinokibi and Sodin) to distribute a malicious PowerShell script that disables Microsoft Defender on the targeted host and executes the REvil encryption tool, rendering the host inoperable. A ransom, reportedly of up […]

PRINTNIGHTMARE ZERO-DAY VULNERABILITY

Priority: Critical

Executive Summary: Security researchers have accidentally published a proof-of-concept zero-day called “PrintNightmare” for all supported Windows devices, including endpoints and servers. This vulnerability can be exploited to achieve both remote code execution and local privilege escalation. Tracked as CVE-2021-1675, the critical vulnerability exploits the built-in Windows Print Spooler service.

Background: Microsoft released a […]

GOOGLE CHROME ZERO-DAY TYPE CONFUSION VULNERABILITY

Priority: High

Summary: A critical vulnerability was found in Google Chrome (Web Browser), stemming from a type confusion issue in its V8 open-source engine, which leads to a privilege escalation vulnerability and impacts confidentiality, integrity and availability. Tracked as CVE-2021-30551, the vulnerability was discovered by Sergei Glazunov from Google Project Zero. The exploitation is known […]

MICROSOFT WINDOWS JUNE 2021 ZERO-DAY VULNERABILITIES

Priority: High

Summary: Kaspersky security researchers have discovered a new threat actor dubbed PuzzleMaker, who has used a chain of Windows 10 zero-day exploits in highly targeted attacks against multiple companies worldwide. The most harmful (assigned the catalogue number CVE-2021-33742) can allow malicious web pages to compromise the Windows operating system via Internet Explorer and […]

Chromium-Based Vulnerabilities

Priority: High

Summary: A security researcher known as ‘frust’ has recently published a POC (Proof of Concept) exploit on Twitter for a zero-day remote code execution vulnerability found in Chromium-based browsers. This follows two other Chromium-based vulnerabilities which were released on 14th April 2021. [2] The recent vulnerability allows an attacker to open the […]

CRITICAL F5 BIG-IP AND BIG-IQ VULNERABILITIES

Priority: Critical

Summary: Enterprise networking vendor F5 Networks has released details of multiple critical remote code execution (RCE) vulnerabilities affecting most versions of BIG-IP and BIG-IQ. F5 is urging all customers to update their deployments as soon as possible. [1] The four most critical vulnerabilities include a pre-authentication RCE vulnerability, which would allow an unauthenticated […]

Cloud Security Firm Qualys Falls Victim to Cyber Attack

Priority: High

Summary: On March 3rd 2021, a group known as Clop leaked files which appeared to originate from vulnerability management provider Qualys. These included documents such as purchase orders and scan reports [1]. Qualys later released a statement explaining that they were aware of the issue and that they believe it relates to a […]

Hafnium Targeting Exchange Servers

Priority: Critical

Summary: On 2nd March Microsoft released a number of fixes for vulnerabilities affecting on-premises installations of Exchange Server. The vulnerabilities are being actively exploited by an Advanced Persistent Threat Microsoft have dubbed ‘Hafnium’. [1] Customers should apply these patches immediately and monitor their Exchange Server deployments for any sign of compromise. Exchange Online […]