Hackers Deploy IceApple Exploitation Framework on Hacked MS Exchange Servers
Researchers have detailed a previously undocumented .NET-based post-exploitation framework called IceApple that has been deployed on …
Exploitation
Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild
A week after VMware released patches to remediate eight security vulnerabilities in VMware Workspace ONE Access, threat actors have begun …
CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) …
Zero-Day Surge Led to More Rapid Exploitation of Bugs in 2021
Twice as many zero-day software vulnerabilities were exploited last year before vendors even had the chance to patch them than in 2020, and …
Presentation: Pivoting and Exploitation in a Docker Environment
Transcript Pires: My name is Filipi …
Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released
Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products …
Defending Against the Use of Deepfakes for Cyber Exploitation
Cybercrime has risen precipitously this year. From July 2020 to June 2021, there was an almost 11x increase in ransomware attacks, we have …
Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability
The Federal Bureau of Investigation (FBI), CISA, and Coast Guard Cyber Command (CGCYBER) have updated the Joint Cybersecurity Advisory …
Updated APT Exploitation of ManageEngine ADSelfService Plus Vulnerability
The Federal Bureau of Investigation (FBI), CISA, and Coast Guard Cyber Command (CGCYBER) have updated the Joint Cybersecurity Advisory …
Apache Releases HTTP Server version 2.4.51 to Address Vulnerabilities Under Exploitation
On October 7, 2021, the Apache Software Foundation released Apache HTTP Server version 2.4.51 to address Path Traversal and Remote Code …
A complete PoC exploit for CVE-2021-22005 in VMware vCenter is available online
An exploit for the recently disclosed CVE-2021-22005 vulnerability in VMware vCenter was publicly released, threat actors are already using …
Working exploit released for VMware vCenter CVE-2021-22005 bug
A complete exploit for the remote code execution vulnerability in VMware vCenter tracked as CVE-2021-22005 is now widely available, and …
CISA: Wide Exploitation of New VMware vCenter Server Flaw Likely
Organizations using VMware’s vCenter Server that haven’t yet applied a patch for a recently disclosed arbitrary file upload vulnerability …
U.S. Cyber Command Warns of Active Mass Exploitation Attempts Targeting Confluence Flaws
The cybersecurity authorities of the U.S. Cyber command have recently been notified regarding the increase in the number of scans and …