Critical MS Windows BIOS File Write Vulnerability

Threat Advisory: Critical MS Windows BIOS File Write Vulnerability. Event Summary: Security researchers have disclosed a flaw in the Microsoft Windows Platform Binary Table (WPBT) and the way it handles digital signatures of Original Equipment Manufacturer (OEM) signatures. Due to this flaw, threat actors are able to perform system level code execution, including the installation […]

Threat Flash Alert: VMware Server Vulnerability

Threat Flash Alert: VMware vCenter Server File Upload Vulnerability. 21 September, 2021. Vulnerability Summary: VMware has issued a warning regarding a critical arbitrary file upload vulnerability that exists in the VMware Analytics service, impacting all appliances running the default vCenter server configuration. This vulnerability can be exploited by individuals or threat actors already inside the […]

Critical OMI Vulnerabilities in Linux Azure VM Deployments

Critical OMI Vulnerabilities in Linux Azure VM Deployments. 17 September, 2021. Event Summary: Four vulnerabilities have been identified in the Open Management Infrastructure (OMI) used for managing Linux and UNIX VMs with Microsoft Azure implementations. Of these, the most severe vulnerability allows for Remote Code Execution (RCE), while the remaining three allow for privilege escalation […]

Cryptojacking: Is Your Browser Mining Crypto?

Cryptojacking: Is Your Browser Mining Crypto? 25% of businesses are estimated to have been victims of cryptojacking. Crypto mining in and of itself is neither malicious nor a security event. However, the same tools and domains that any random individual may use to legitimately mine their own crypto are also being used by botnets to […]

Fortinet VPN Credential Compromise and Leak

Fortinet VPN Credential Compromise and Leak. 10 September, 2021. Event Summary: Threat actors have obtained and leaked almost 500,000 Fortinet VPN credentials, including user names and passwords. They were able to obtain these credentials via a previously disclosed vulnerability, CVE-2018-13379, labeled as a FortiOS system file leak through SSL VPN via specially crafted HTTP resource […]

Atlassian Confluence Server and Data Center RCE Vulnerability

Atlassian Confluence Server and Data Center RCE Vulnerability. 3 September, 2021. Executive Summary: Atlassian Confluence and the U.S. Cyber Command have issued a security advisory regarding an OGNL injection vulnerability that exists in multiple versions of the Confluence Server and Data Center products. This Remote Code Execution (RCE) vulnerability could allow authenticated users, and in […]