MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability

As previously reported, SysAid disclosed a zero-day issue affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability and was given CVE-2023-47426. Additionally, SysAid stated that there were reports of Lace...

Lenovo PC/Laptop Flaws Enable Attackers to Run Arbitrary Code

Lenovo has disclosed multiple BIOS security vulnerabilities affecting several vendors in its new security advisory. The potential impacts of these vulnerabilities could be information disclosure and arbitrary code execution by multiple BIOS vendors. Moreover, the...

SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT

SideCopy, the Pakistan-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities and deliver multiple RATs (Remote Access Trojans) such as AllaKore RAT, Ares RAT, and DRat. The threat actor has...

Multiple Videolan VLC Player Flaws Leads to Memory Corruption: Update Now!

Recently, two significant vulnerabilities related to memory corruption have been uncovered in the popular VLC media player. These vulnerabilities were found in the Microsoft Media Server (MMS), which has two implementations in VLC: MMS...

HelloKitty Ransomware Exploiting Apache ActiveMQ Flaw

The recently disclosed Apache ActiveMQ remote code execution (RCE) flaw, CVE-2023-46604, is being exploited to spread ransomware binaries on target systems and demand a ransom from the victim organizations. Based on the evidence and the ransom note, Rapid7...

Microsoft Edge Vulnerability Let Attackers Execute Malicious Code

Three new vulnerabilities associated with remote code execution and spoofing have been discovered in Microsoft Edge (Chromium-based). These vulnerabilities have been assigned CVE-2023-36022, CVE-2023-36029, and CVE-2023-36034. The severity of these vulnerabilities...

3,000+ Apache ActiveMQ Servers Vulnerable to RCE Attacks

More than 3,000 Apache ActiveMQ servers exposed to the internet are at risk due to a critical remote code execution (RCE) vulnerability identified as CVE-2023-46604. Apache ActiveMQ is the most widely used open-source, multi-protocol, Java-based message broker....

Remote Desktop Manager Flaw Let Attacker Execute Remote Code

Recent reports indicate that Remote Desktop Manager and Devolutions Server have been affected by improper access control and remote code execution vulnerabilities. These vulnerabilities have been assigned CVE-2023-5766, CVE-2023-5765, and...

VMware Workspace Flaw Let Attacker Redirect User to Malicious Source

An open redirect vulnerability in the VMware Workspace ONE UEM console has been identified as CVE-2023-20886, which has a CVSS score of 8.8 and is classified as 'Important' in severity. By using this vulnerability, an attacker...

Kubernetes Security Flaw Let Attackers Escalate to Admin Privileges

A new privilege escalation vulnerability has been discovered in Kubernetes, which allows threat actors to gain administrative privileges on affected pods. This vulnerability has been assigned CVE-2023-3676, and the severity...
