CODEREDVTA

VTA-00412 – NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation Recently, NGINX has issued mitigations to address security weaknesses in its Lightweight Directory Access Protocol (LDAP) Reference Implementation. The reference implementation which uses LDAP to authenticate users, is impacted only …

VTA-00411 – Urgent Google Chrome Update to Patch Type Confusion Vulnerability  (CVE-2022-1096) Google has issued update to Chrome 99.0.4844.84 for Windows, Mac, and Linux, to address a high severity vulnerability in its Chrome browser that is being actively exploited in the …

VTA-00410 – New Browser-in-the-Browser (BitB) Attack Steals User Credentials Recently, there is new way to trick targets into coughing up sensitive information. This new type of attack is found  to be using phishing technique that simulates a browser window within …

VTA-00409 – High Severity Privilege Escalation of Linux Kernel ‘Dirty Pipe’ On Major Distros Recently, Linux has another high-severity vulnerability that makes it easier for untrusted users to execute codes capable of carrying out a host of malicious actions, including installing …

VTA-00408 – GRAMDOOR and STARWHALE Abuse Telegram Messenger API Mandiant has identified 2 new targeted malware threats, GRAMDOOR and STARWHALE, which implement simple backdoor functionalities. Both are attributed to UNC (Uncategorized) groups. GRAMDOOR is a backdoor written in Python that …