Home 2022
Yearly Archives: 2022
Technical Details Released for ‘SynLapse’ RCE Vulnerability Reported in Microsoft Azure
June 14, 2022Ravie Lakshmanan
Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and...
Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
June 14, 2022Ravie Lakshmanan
An unpatched security issue in the Travis CI API has left tens of thousands of developers' user tokens exposed to potential...
Researchers Detail PureCrypter Loader Cyber Criminals Using to Distribute Malware
June 14, 2022Ravie Lakshmanan
Cybersecurity researchers have detailed the workings of a fully-featured malware loader dubbed PureCrypter that's being purchased by cyber criminals to deliver remote access...
New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using “Magic Packets”
A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered...
What is the Essential Eight (And Why Non-Aussies Should Care)
June 14, 2022The Hacker News
In 2017, The Australian Cyber Security Center (ACSC) published a set of mitigation strategies that were designed to help organizations...
New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials
A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords...
Patch Tuesday: Microsoft Issues Fix for Actively Exploited ‘Follina’ Vulnerability
Microsoft finally released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates.
Also addressed by...
Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second
Cloudflare on Tuesday disclosed that it had acted to prevent a record-setting 26 million request per second (RPS) distributed denial-of-service (DDoS) attack last week,...
Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022.
Dubbed Panchan by Akamai...
New Hertzbleed Side Channel Attack Affects All Modern AMD and Intel CPUs
A newly discovered security vulnerability in modern Intel and AMD processors could let remote attackers steal encryption keys via a power side channel attack.
Dubbed Hertzbleed by...
