Threat Flash Alert: VMware vCenter Server File Upload Vulnerability 21 September, 2021 Vulnerability Summary VMware has issued a warning regarding a critical arbitrary file upload vulnerability that exists in the VMware Analytics service, impacting all

Critical OMI Vulnerabilities in Linux Azure VM Deployments 17 September, 2021 Event Summary Four vulnerabilities have been identified in the Open Management Infrastructure (OMI) used for managing Linux and UNIX VM’s with Microsoft Azure implementations. 

Cryptojacking: Is Your Browser Mining Crypto? 25% of businesses are estimated to have been victims of cryptojacking. Crypto mining in and of itself is neither malicious nor a security event. However, the same tools and

Fortinet VPN Credential Compromise and Leak 10 September, 2021 Event Summary Threat actors have obtained and leaked almost 500,000 Fortinet VPN credentials, including user names and passwords.  They were able to obtain these credentials via

Atlassian Confluence Server and Data Center RCE Vulnerability 3 September, 2021 Executive Summary Atlassian Confluence and the U.S. Cyber Command have issued a security advisory regarding an OGNL injection vulnerability that exists in multiple versions

Microsoft Azure Cosmos DB Primary Key Exposure 27 August, 2021 Executive Summary Microsoft has disclosed an issue in their flagship Azure Database, Cosmos DB.  Wiz Research Security’s research team discovered the ability to access the