remote code execution

Threatpost 

Shades of BlueKeep: Wormable Remote Desktop Bugs Top August Patch Tuesday List

August 13, 2019 TH Author august patch tuesday, bluekeep, critical vulnerabilities, Microsoft, Mobile Security, remote code execution, remote desktop services, Vulnerabilities, Web Security

The flaws allow remote code-execution without user interaction or authentication, and are highly exploitable. READ MORE HERE…

Read more

Threatpost 

Critical RCE Flaw in Palo Alto Gateways Hits Uber

July 22, 2019 TH Author Cloud Security, critical vulnerability, CVE-2019-1579, gateway, global protect, Palo Alto, remote code execution, ssl vpn, uber, Vulnerabilities

The bug is previously unknown but yet still fixed in later releases. However, many organizations are likely still vulnerable. READ MORE HERE…

Read more

Threatpost 

Wormable BlueKeep Bug Still Threatens Legions of Windows Systems

July 17, 2019 TH Author bluekeep, critical vulnerability, Proof of Concept, remote code execution, systems exposed, Vulnerabilities, Windows, Worm

Two months after the alarm sounded warning of a WannaCry-level event, progress in patching exposed Windows systems varies by country and industry. READ MORE HERE…

Read more

Threatpost 

SEMrush Plugs Remote Code Execution Bug in Its SaaS Platform

June 25, 2019 TH Author -dSAFER, CVE-2016-3714, evince, Ghostscript, GraphicsMagick, HackerOne, Hacks, ImageMagick, ImageTragick, Nautilus, Okular, remote code execution, SaaS, SEMrush, U.S. Computer Emergency Readiness Team, Vulnerabilities

Web analytics firm plugs a hole in its platform that allowed attackers to open a reverse shell that could be used to attack the service. READ MORE HERE…

Read more

Threatpost 

Mozilla Fixes Second Actively-Exploited Firefox Flaw

June 21, 2019 TH Author critical flaw, Cross Site Scripting, Firefox, firefox 67.0.4, firefox ESR 60.7.1, Mozilla, Mozilla Firefox, patch, remote code execution, Sandbox escape, Vulnerabilities, zero-day

Mozilla has patched a second actively-exploited vulnerability in Firefox this week. READ MORE HERE…

Read more

Threatpost 

Millions of Linux Servers Under Worm Attack Via Exim Flaw

June 14, 2019 TH Author coin miner, critical flaw, cryptomining, CVE-2019-10149, Exim, Exim flaw, Linux, linux server, ongoing attacks, remote code execution, Vulnerabilities, Vulnerability, Web Security, worm attack

Attackers are exploiting a Linux Exim critical flaw to execute remote commands, download crypto miners and sniff out other vulnerable servers. READ MORE HERE…

Read more

Threatpost 

Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection

April 26, 2019 TH Author 5G, 5G security, AirLink ES450 LTE gateway, Command injection, critical, gateway, IoT, Mobile Security, remote code execution, Sierra Wireless, Vulnerabilities

The wireless gateways are used in PoS, industrial IoT and distributed enterprise settings. READ MORE HERE…

Read more

Threatpost 

Exploits for Social Warfare WordPress Plugin Reach Critical Mass

April 23, 2019 TH Author Attacks, Cross Site Scripting, exploits, Hacks, in the wild, plugin, remote code execution, Vulnerabilities, Vulnerability, Web Security, wordpress

More and more attacks taking advantage of a XSS and RCE bug in the popular plugin have cropped up in the wild. READ MORE HERE…

Read more

Threatpost 

Critical RCE Bug in Cisco WebEx Browser Extensions Faces ‘Ongoing Exploitation’

March 29, 2019 TH Author browser extension, Cisco, remote code execution, Update, Vulnerabilities, Vulnerability, Web Security, Webex

Users of the conferencing platform should update immediately. READ MORE HERE…

Read more

Threatpost 

Host of Flaws Found in CUJO Smart Firewall

March 19, 2019 TH Author Cisco Talos, cujo smart firewall, home networks, remote code execution, Vulnerabilities

Some of the flaws would allow remote code-execution. READ MORE HERE…

Read more