Author Archives: CSIRT

Author: Elizabeth Montalbano Dubbed OMIGOD, a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux demonstrate hidden security threats, researchers said. Four Microsoft zero-day vulnerabilities in the Azure cloud platform’s Open Management Infrastructure (OMI) — a software that many don’t know is embedded in a host of services — show that […]

Abuse of flaw could give attackers greater access to devices even than its owner A zero-click (https://portswigger.net/daily-swig/vulnerabilities) in a popular IoT security camera could allow an unauthenticated attacker to gain full access to the device and possibly internal networks, a researcher has warned. The researcher, dubbed ‘Watchful IP’, has released details of the unauthenticated remote […]

By Sergiu Gatlan An ongoing Zloader campaign uses a new infection chain to disable Microsoft Defender Antivirus (formerly Windows Defender) on victims’ computers to evade detection. According to Microsoft’s stats, Microsoft Defender Antivirus is the anti-malware solution pre-installed on more than 1 billion systems running Windows 10. The attackers have also changed the malware delivery vector from spam or phishing […]

Disclosure comes two years after privacy-busting flaw was discovered A zero-day vulnerability in Virgin Media Super Hub 3 routers enables attackers to unmask the true IP addresses of (https://portswigger.net/daily-swig/vpn) users, security researchers have revealed. Fidus Information Security, a UK (https://portswigger.net/daily-swig/pen-testing) consultancy, has published details of the flaw nearly two years after first alerting Virgin Media, […]