ProxyToken (CVE-2021-33766): Authentication Bypass in Microsoft Exchange Server
UPDATE 9/17 - An IPS signature has been released in definitions (18.160) as "MS.Exchange.Server.SecurityToken.Authentication.Bypass". FortiGuard Labs is aware of a new disclosure dubbed PROXYTOKEN, which is...
CVE-2021-21708
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the...
CVE-2020-27958
The Job Composer app in Ohio Supercomputer Center Open OnDemand before 1.7.19 and 1.8.x before 1.8.18 allows remote authenticated users to provide crafted input in...
Ukrainian military personnel targeted with phishing attacks
CERT-UA, the national Computer Emergency Response Team for Ukraine, has issued a warning of a major phishing campaign launched against military personnel. The attack is...
CVE-2020-36516
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker...
Conti gang says it’s ready to hit critical infrastructure in support of Russian government
The infamous cybercriminal group behind the Conti ransomware has publicly announced its full support for the Russian government while the country's army is invading Ukraine...
libsolv-0.7.21-1.fc35
FEDORA-2022-f8921a3891 Packages in this update: libsolv-0.7.21-1.fc35 Update description: Update to 0.7.21 (Linked CVEs should not affect even current version… but as somebody opened bunch of...
CVE-2021-22319
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
Russia Sanctions May Spark Escalating Cyber Conflict
President Biden joined European leaders this week in enacting economic sanctions against Russia in response to its invasion of Ukraine. The West has promised tougher...
BlackCat ransomware
This blog was jointly written with Santiago Cortes. Executive summary AT&T Alien Labs™ is writing this report about recently created ransomware malware dubbed BlackCat which...