VTA-00407 – Hackers Target Microsoft SQL Database Servers Through Cobalt Strike ASEC analysis team has reported that vulnerable MS-SQL servers have been targeted by distribution of Cobalt Strike which includes attacks to an environment with unpatched vulnerability, brute forcing and … Read More
Cybercrime
Hackers Spread Trojans Through Microsoft Teams
VTA-00406 – Hackers Spread Trojans Through Microsoft Teams Hackers are attaching .exe files to Teams chat to install a Trojan on the end-user computer. This trojan will bypass default protections in Teams and install malware, in which Teams has limited … Read More
ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges
VTA-00405 – ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges Recently, ESET has released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and … Read More
Local Privilege Escalation Vulnerability in Polkit’s Pkexec
VTA-00404 – Local Privilege Escalation Vulnerability in Polkit’s Pkexec Recently, a local privilege escalation vulnerability in Polkit’s pkexec component is discovered in the default installations of Ubuntu, Debian, Fedora, and CentOS. This vulnerability has been hiding in plain sight for 12+ … Read More
Safari Browser Bug Allows Cross-Site User Tracking
VTA-00403 – Safari Browser Bug Allows Cross-Site User Tracking Recently, a software bug introduced in Apple Safari 15’s implementation of the IndexedDB API could be abused by a malicious website to track user’s online activity in the web browser and … Read More
WordPress 5.8.3 To Address 4 Vulnerabilities
VTA-00402 – WordPress 5.8.3 To Address 4 Vulnerabilities The Story: The WordPress development team released WordPress version 5.8.3 to address four vulnerabilities, two of which are rated as high severity. The set includes an SQL injection on WP_Query, a blind SQL injection … Read More