“ProxyShell” & “ProxyLogon” Patch Reminder

Patch Notice Summary: Security On-Demand’s Threat Recon Unit is issuing a patch reminder for vulnerabilities that exist in Microsoft Exchange servers. We have previously reported on these patches and recommend patching any vulnerable systems that may not have received previous patches. We are observing that threat groups are actively scanning […]

Threat Advisory: Linux File System Vulnerability

Event Summary: An out-of-bounds write flaw was found in the Linux kernel’s seq_file in the filesystem layer. This flaw was discovered by the Qualys Research Team (QRT). If exploited successfully, this vulnerability could lead to data corruption, system crashes and even the execution of unauthorized code. This flaw allows unprivileged […]

Threat Advisory: High Severity Flaw in HP, Xerox and Samsung Printers

Event Summary: Sentinel Labs discovered a vulnerability that affects HP, Xerox and Samsung printers. This vulnerability could allow for privilege escalation via the vulnerable printer driver and could allow threat actors to install programs, view, change, encrypt, or delete data, or create privileged accounts. Samsung, Xerox […]

Understanding Service Location Protocol as a Security Threat

Hunting for obscure protocols is a way to proactively find malicious activity. Today, I want to talk about one of those obscure protocols, Service Location Protocol (SLP). While hunting through the billions of logs we at Security On-Demand process every day, I found considerable activity across a […]

Zero-Day Vulnerability in SolarWinds Serv-U Products

13 July, 2021. Event Summary: The SolarWinds Serv-U product line contains a Zero-Day Vulnerability. Microsoft discovered the exploits, reported it to SolarWinds and has evidence of exploitation in the wild. This vulnerability exists in the Serv-U product line, and no other SolarWinds products are affected. This is not related […]

PrintNightmare Zero-Day Vulnerability in the Windows Print Spooler Service

Important Update: PrintNightmare Zero-Day Alert Update 7/8/21. Event Summary: The Windows Out-of-Band patch released on July 6th does not fully address the PrintNightmare Zero-Day vulnerability that exists in the Print Spooler Service. This patch does address the remote vector of the vulnerability; thus, further action […]