Critical MS Windows BIOS File Write Vulnerability

Threat Advisory: Critical MS Windows BIOS File Write Vulnerability. Event Summary: Security researchers have disclosed a flaw in the Microsoft Windows Platform Binary Table (WPBT) and the way it handles digital signatures of Original Equipment Manufacturer (OEM) signatures. Due to this flaw, threat actors are able to perform system level code execution, including the installation […]

Threat Flash Alert: VMware Server Vulnerability

Threat Flash Alert: VMware vCenter Server File Upload Vulnerability. 21 September, 2021. Vulnerability Summary: VMware has issued a warning regarding a critical arbitrary file upload vulnerability that exists in the VMware Analytics service, impacting all appliances running the default vCenter server configuration. This vulnerability can be exploited by individuals or threat actors already inside the […]

Critical OMI Vulnerabilities in Linux Azure VM Deployments

Critical OMI Vulnerabilities in Linux Azure VM Deployments. 17 September, 2021. Event Summary: Four vulnerabilities have been identified in the Open Management Infrastructure (OMI) used for managing Linux and UNIX VMs with Microsoft Azure implementations. Of these, the most severe vulnerability allows for Remote Code Execution (RCE), while the remaining three allow for privilege escalation […]

Fortinet VPN Credential Compromise and Leak

Fortinet VPN Credential Compromise and Leak. 10 September, 2021. Event Summary: Threat actors have obtained and leaked almost 500,000 Fortinet VPN credentials, including user names and passwords. They were able to obtain these credentials via a previously disclosed vulnerability, CVE-2018-13379, labeled as a FortiOS system file leak through SSL VPN via specially crafted HTTP resource […]

Atlassian Confluence Server and Data Center RCE Vulnerability

Atlassian Confluence Server and Data Center RCE Vulnerability. 3 September, 2021. Executive Summary: Atlassian Confluence and the U.S. Cyber Command have issued a security advisory regarding an OGNL injection vulnerability that exists in multiple versions of the Confluence Server and Data Center products. This Remote Code Execution (RCE) vulnerability could allow authenticated users, and in […]

Microsoft Azure Cosmos DB Primary Key Exposure

Microsoft Azure Cosmos DB Primary Key Exposure. 27 August, 2021. Executive Summary: Microsoft has disclosed an issue in their flagship Azure Database, Cosmos DB. Wiz Research Security’s research team discovered the ability to access the Primary Key that controls access to databases used by thousands of companies. This vulnerability has been dubbed “ChaosDB”. Exploitations […]