Cybercrime

Vulnerable Microsoft SQL Servers targeted through Cobalt strike

Hackers Target Microsoft SQL Database Servers Through Cobalt Strike

VTA-00407 – Hackers Target Microsoft SQL Database Servers Through Cobalt Strike ASEC analysis team has reported that vulnerable MS-SQL servers have been targeted by distribution of Cobalt Strike which includes attacks to an environment with unpatched vulnerability, brute forcing and … Read More

Trojans through Microsoft Teams

Hackers Spread Trojans Through Microsoft Teams

VTA-00406 – Hackers Spread Trojans Through Microsoft Teams Hackers are attaching .exe files to Teams chat to install a Trojan on the end-user computer. This trojan will bypass default protections in Teams and install malware, in which Teams has limited … Read More

PROVINTELL ESET Antivirus bug for window system privileges

ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges

VTA-00405 – ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges Recently, ESET has released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and … Read More

PROVINTELL Cyber Security Polkit's Pkexec CVE-2021-4034

Local Privilege Escalation Vulnerability in Polkit’s Pkexec

VTA-00404 – Local Privilege Escalation Vulnerability in Polkit’s Pkexec Recently, a local privilege escalation vulnerability in Polkit’s pkexec component is discovered in the default installations of Ubuntu, Debian, Fedora, and CentOS. This vulnerability has been hiding in plain sight for 12+ … Read More

Safari Brower Bugs allows cross site user tracking

Safari Browser Bug Allows Cross-Site User Tracking

VTA-00403 – Safari Browser Bug Allows Cross-Site User Tracking Recently, a software bug introduced in Apple Safari 15’s implementation of the IndexedDB API could be abused by a malicious website to track user’s online activity in the web browser and … Read More

WordPress 5.8.3 Release for Vulnerabilities

WordPress 5.8.3 To Address 4 Vulnerabilities

VTA-00402 – WordPress 5.8.3 To Address 4 Vulnerabilities  The Story: The WordPress development team released WordPress version 5.8.3 to address four vulnerabilities, two of which are rated as high severity. The set includes an SQL injection on WP_Query, a blind SQL injection … Read More