M.A. Polce
Vulnerability
Vulnerability
28
September, 2023
0
High Severity Zero-Day Libwebp Vulnerability
The libwebp vulnerability is a critical issue that is currently being exploited by attackers. This vulnerability affects nearly all operating systems and applications utilizing the libwebp library, including those built…
18
May, 2023
Cisco Warns of Critical Switch Bugs with Public Exploit Code
Stay informed on the latest security threats and protect your devices from potential security breaches. Recently, Cisco issued a security advisory warning customers of four new bugs affecting multiple Small…
05
May, 2023
Attacks on TBK DVR Vulnerability Rise
Overview - Attacks on TBK Vision's DVR Vulnerability Last month, there was a massive surge in malicious attacks targeting a five-year-old vulnerability in TBK Vision's DVR Camera System. A Digital…
06
April, 2023
QNAP Zero-Days Leave 80K Devices Vulnerable
Overview of the QNAP Zero-Days Several QNAP (Quality Network Appliance Provider) Operating Systems for Network Attached Storage (NAS) zero-day vulnerabilities have been discovered and are now impacting over 80,000 devices.…
10
March, 2023
New Fortinet Critical Unauthenticated RCE Vulnerability
Overview Fortinet warns of a new critical buffer underwrite vulnerability that affects FortiOS and FortiProxy. Tracked as CVE-2023-25610, this vulnerability allows an unauthenticated attacker to execute an arbitrary code or…
06
February, 2023
New Ransomware Campaign Targets Unpatched VMware ESXi Servers
Overview VMware released a security advisory on February 6th, 2023, about the ongoing attack of a vulnerability in ESXi's OpenSLP service. This new ransomware campaign targets public-facing ESXi servers worldwide. The…
01
February, 2023
Cisco Bug Opens Devices to Takeover
Overview Two new security vulnerabilities were discovered in Cisco products that are used throughout many organizations. Examples of these organization types include industrial factories, large enterprises, manufacturing centers, power grids,…
01
February, 2023
QNAP NAS Devices Vulnerable to Critical SQL Injection Vulnerability
Overview QNAP Systems Inc. has brought attention to a new critical vulnerability (CVE-2022-27596) that allows remote attackers to inject malicious code on certain QNAP network-attached storage (NAS) devices. QNAP itself…
31
January, 2023
KeePass Disputes Vulnerability Allowing Stealthy Password Theft
Overview The open-source password management software KeePass has been linked to a newly found vulnerability, CVE-2023-24055. KeePass allows you to manage your passwords using a database that is locally stored…
