NSA Urges Orgs Patch Vulnerability Following Russian Exploitation
Attackers have been actively exploiting a recently uncovered command injection bug in VMware products to access protected data.
Attackers have been actively exploiting a recently uncovered command injection bug in VMware products to access protected data.
Just days after fixing two zero day vulnerabilities, Google has rolled out yet another version of its Chrome browser, resolving a fix for last month's NAT Slipstream attack.
In hopes that enterprises patch them, the NSA shared a list of 25 vulnerabilities currently being targeted by Chinese hackers.
A new, potentially wormable remote code execution vulnerability in the Windows TCP/IP stack was patched this week.
CISA is warning that attackers are chaining together the recent Netlogon vulnerability, along with VPN vulnerabilities, to hack government networks.
In a rare emergency directive, CISA asked all federal agencies to immediately deploy last month's Windows Security Update to remediate a critical vulnerability in Netlogon.
Details on Friday came out around a severe privilege escalation vulnerability Microsoft patched last month in Netlogon. Now exploit code for the vulnerability, Zerologon, is making the rounds online.
The FBI warned organizations last week that an Iranian hacking group has been targeting vulnerable networking devices for a month.
In an advisory last week, the NSA warned that a flaw in the Exim mail transfer agent (MTA) has been exploited by Russian cyber military actors since last August.
The U.S. government recapped the top 10 most exploited vulnerabilities from 2016-2019 and warned how 2020 is shaping up vulnerability-wise on Tuesday.