EHA
Azure Services Vulnerability

Microsoft Azure Services Vulnerability Let Attackers Gain Unauthorized Access

Orca recently conducted an investigation into several Microsoft Azure services and discovered four instances where various services were uncovered to be susceptible to a Server Side Request Forgery (SSRF) attack. There are two certain weaknesses...
Step-By-Step Guide on How to Implement SignalR in ASP.NET Core

Step-By-Step Guide on How to Implement SignalR in ASP.NET Core

SignalR is a framework that enables real-time web communication between server and client, allowing developers to add real-time features to their applications quickly and easily. We have talked about the basics of ASP.NET Core SignalR....
Azure Service Fabric Explorer Flaw Let Attacker Gain Administrator Privileges

Azure Service Fabric Explorer Flaw Let Attacker Gain Administrator Privileges

Microsoft Azure Service Fabric has been exposed to a spoofing vulnerability that has been unveiled recently in a proof-of-concept exploit. The flaw has been tracked as CVE-2022-35829 with medium severity by the security researchers at...
2 New MS Exchange Server 0-Day Bugs Are Exploited By Hackers in Wild – Microsoft

2 New MS Exchange Server 0-Day Bugs Are Exploited By Hackers in Wild –...

Cybercriminals have exploited two 0-day Exchange Server vulnerabilities in real-life attacks as a result of unpatched Exchange Server zero-day vulnerabilities that have not been patched, as confirmed by Microsoft. Back in August 2022, the Vietnamese...
Hackers Use Mouse Movement in Microsoft PowerPoint Presentations to Deliver Malware

Hackers Use Mouse Movement in Microsoft PowerPoint Presentations to Deliver Malware

There is a new code execution technique being used by hackers who are thought to be working for Russia as reported by the security analysts at Cluster25.  An attack of this type makes use of...
Active Directory Kill Chain Attack & Defense – A Complete Guide & Tools

Active Directory Kill Chain Attack & Defense – A Complete Guide & Tools

Here we are elaborating the tactics, techniques, and procedures (TTPs) attackers are leveraging to compromise active directory and guidance to mitigation, detection, and prevention. And understand Active Directory Kill Chain Attack and Modern Post...
Warning! Attackers Compromise Over 2000 Microsoft Exchange Servers With ProxyShell Flaws

Warning! Attackers Compromise Over 2000 Microsoft Exchange Servers With ProxyShell Flaws

Over the past two days, the hackers have compromised almost 2000 Microsoft Exchange servers and installed backdoors on those hacked 2000 Microsoft Exchange servers through unpatched ProxyShell vulnerabilities. Cybersecurity experts of Huntress Labs security firm...
Badloc- Microsoft Warns of Multiple Vulnerabilities that Could Affect a Wide Range of IoT and OT Devices

Badloc- Microsoft Warns of Multiple Vulnerabilities that Could Affect a Wide Range of IoT...

Security researchers at Microsoft recently uncovered a series of critical memory allocation vulnerabilities in IoT and OT devices that adversaries could exploit to bypass security controls to execute malicious code or cause a system...
Beware of New Monero Mining Campaign that Uses ProxyLogon Exploit to Compromise Exchange Servers

Beware of New Monero Mining Campaign that Uses ProxyLogon Exploit to Compromise Exchange Servers

Microsoft already released details about a serious vulnerability affecting their Exchange mail server software, a range of threat actors have been targeting exploitable servers with a variety of malware, from webshells to ransomware. SophosLabs researchers...
Alert!! CISA, DHS Urges Government Agencies to Patch Critical DNS Flaw Within 24 Hours

Alert!! CISA, DHS Urges Government Agencies to Patch Critical DNS Flaw Within 24 Hours

The U.S Department of Homeland Security's Cybersecurity and Infrastructure Security Agency has recently issued an order to the civil federal government agencies that are using Windows Server. They have been asked to patch a...