Releases

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

Feb 11, 2023 by iHash Leave a Comment

Feb 11, 2023Ravie LakshmananRansomware / Endpoint Security After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on … [Read more...] about New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

Jan 28, 2023 by iHash Leave a Comment

Jan 28, 2023Ravie LakshmananServer Security / DNS The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. "A remote attacker could exploit these vulnerabilities to potentially cause … [Read more...] about ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

Nov 1, 2022 by iHash Leave a Comment

The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as buffer overrun vulnerabilities that can be triggered during X.509 certificate verification by supplying a … [Read more...] about OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability

Sep 3, 2022 by iHash Leave a Comment

Google on Friday shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validating in Mojo, which refers to a collection of runtime libraries that provide a platform-agnostic mechanism for inter-process … [Read more...] about Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability

Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild

Jun 4, 2022 by iHash Leave a Comment

Atlassian on Friday rolled out fixes to address a critical security flaw affecting its Confluence Server and Data Center products that have come under active exploitation by threat actors to achieve remote code execution. Tracked as CVE-2022-26134, the issue is similar to CVE-2021-26084 — another security flaw the Australian software company patched in August 2021. Both relate … [Read more...] about Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild

SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

May 14, 2022 by iHash Leave a Comment

SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below - CVE-2022-22282 (CVSS score: 8.2) - … [Read more...] about SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

Researcher Releases PoC for Recent Java Cryptographic Vulnerability

Apr 22, 2022 by iHash Leave a Comment

A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following version of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition: 20.3.5, … [Read more...] about Researcher Releases PoC for Recent Java Cryptographic Vulnerability

Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework

Mar 31, 2022 by iHash Leave a Comment

The maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw that, if successfully exploited, could allow an unauthenticated attacker to take control of a targeted system. Tracked as CVE-2022-22965, the high-severity flaw impacts Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and other older, … [Read more...] about Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework

CrowdStrike Services Releases Free Incident Response Tracker

Jan 12, 2022 by iHash Leave a Comment

The CrowdStrike Incident Response Tracker is a convenient spreadsheet that includes sections to document indicators of compromise, affected accounts, compromised systems and a timeline of significant events CrowdStrike incident response teams have leveraged this type of tracker in thousands of investigations Download the CrowdStrike Incident Response Tracker Template During a … [Read more...] about CrowdStrike Services Releases Free Incident Response Tracker

Product Releases Should Not Be Scary

Nov 25, 2021 by iHash Leave a Comment

Every Product Manager and Software Developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. The smart are always quick to adapt to new, innovative technologies, and this mindset is exactly what makes normal companies great. The landscape is changing fast, especially in IT. Change isn't just necessary, but … [Read more...] about Product Releases Should Not Be Scary

The All-In-One Microsoft Office Professional for Windows 2021 & The Premium Microsoft Office Training Bundle for $69

Scrivener 3: Award-Winning App for Writers (Windows) for $29

Roomie Sophie Smart Body Scale with Free App for $32

Leather AirTag Case – Black for $29

Leather AirTag Case – Tan for $29