Category Archives: Exploits

Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk

The Apache Software Foundation has released fixes to contain an actively exploited (https://twitter.com/DTCERT/status/1469258597930614787, https://www.cert.govt.nz/it-specialists/advisories/log4j-rce-0-day-actively-exploited/) zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. Tracked as CVE-2021-44228 (https://nvd.nist.gov/vuln/detail/CVE-2021-44228) and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, […]

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

Microsoft on Wednesday disclosed details of a targeted phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. “These attacks used the vulnerability, tracked as CVE-2021-40444 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40444), as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders,” […]

Apple iPhone iOS 14.8 patches security exploit used by Pegasus spyware

Apple has released security updates for its devices after researchers identified a so-called “zero-click” exploit affecting its iMessage messaging service. The previously-unidentified vulnerability affects all of Apple’s current devices, including iPhones, iPads, Apple Watches and Mac computers, the researchers said, adding that Apple users should “immediately” update their devices. The exploit, named “FORCEDENTRY” by the University […]

Malicious PDFs Flood the Web, Lead to Password-Snarfing

SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware. The pushers behind the SolarMarker backdoor malware are flooding the web with PDFs stuffed with keywords and links that redirect to the password-stealing, credential-snarfing malware. Microsoft Security Intelligence […]

Four Years On: Two-thirds of Global Firms Still Exposed to WannaCry

Over two-thirds (67%) of organizations are still running an insecure Windows protocol largely responsible for the infamous WannaCry and NotPetya attacks of 2017 and 2018, according to new research. Security vendor ExtraHop used its network detection and response (NDR) capabilities to analyze anonymized metadata from an unspecified number of customer networks, in order to better […]