critical vulnerability – WindowsTechs.com

Domain controller patch alert! Vulnerability grants domain admin access in 10 seconds

Posted on October 15, 2020 by Abhilash

A critical Active Directory vulnerability (CVE-2020-1472) has been making headlines for being the most notorious elevation of privilege bug because it can affect all computers and domain controllers in an organization.
This high-risk vulnerability, … Continue reading Domain controller patch alert! Vulnerability grants domain admin access in 10 seconds→

Security Researchers Awarded over $250,000 for Reporting 55 Vulnerabilities in Apple’s Bug Bounty Program

Posted on October 12, 2020 by Alina Bizga

A comprehensive three-month analysis of Apple’s online services has netted a team of security researchers a $288,500 reward after reporting critical vulnerabilities as part of its bug bounty program. In total, the researchers disclosed 55 vulnerabiliti… Continue reading Security Researchers Awarded over $250,000 for Reporting 55 Vulnerabilities in Apple’s Bug Bounty Program→

Cybercriminals Are Infiltrating Netgear Routers with Ancient Attack Methods

Posted on August 13, 2020 by Tripwire Guest Authors

It would be heartening to think that cybersecurity has advanced since the 1990s, but some things never change. Vulnerabilities that some of us first saw in 1996 are still with us. If you don’t believe me, just take a look at the news. Last month, Virgi… Continue reading Cybercriminals Are Infiltrating Netgear Routers with Ancient Attack Methods→

Tripwire Patch Priority Index for July 2020

Posted on August 3, 2020 by Lane Thames

Tripwire’s July 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, F5 Networks, Cisco, and Oracle. Up first on the patch priority list this month are patches for F5 Networks and Cisco for vulnerabilities tha… Continue reading Tripwire Patch Priority Index for July 2020→

Critical DNS Bug Opens Windows Servers to Infrastructure Takeover

Posted on July 14, 2020 by Tom Spring

Microsoft gives the ‘wormable’ flaw a security rating of 10 – the most severe warning possible. Continue reading Critical DNS Bug Opens Windows Servers to Infrastructure Takeover→

CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug

Posted on June 30, 2020 by Elizabeth Montalbano

An authentication-bypass vulnerability allows attackers to access network assets without credentials when SAML is enabled on certain firewalls and enterprise VPNs. Continue reading CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug→

Adobe Patches 18 Critical Flaws in Out-Of-Band Update

Posted on June 16, 2020 by Lindsey O'Donnell

Critical vulnerabilities were patched in Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition. Continue reading Adobe Patches 18 Critical Flaws in Out-Of-Band Update→

Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update

Posted on June 9, 2020 by Lindsey O'Donnell

The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs. Continue reading Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update→

NSA Warns of Sandworm Backdoor Attacks on Mail Servers

Posted on May 29, 2020 by Tara Seals

The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability. Continue reading NSA Warns of Sandworm Backdoor Attacks on Mail Servers→

Critical CODESYS Bug Allows Remote Code Execution

Posted on March 26, 2020 by Tara Seals

CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit. Continue reading Critical CODESYS Bug Allows Remote Code Execution→