many parts make the whole
Vulnerabilities have been discovered/disclosed in ALL Nvidia GeForce GPUs requiring a driver update that is currently available. The vulnerabilities potentially allow a threat actor to gain full control of a compromised system so be sure to update ASAP if you have an Nvidia GPU! Updated drivers can be found here More reading here and here! … Read More “VULNERABILITIES FOUND IN ALL Nvidia GeForce GPUS” »
A novel VPN attack being called TunnelVision is able to force encrypted VPN traffic to route outside of the secure tunnel, potentially allowing a bad actor to intercept communication thought to be encrypted and secure. According to researchers the vulnerability may have existed since as early as 2002. The attack does not appear to effect … Read More “NOVEL VPN ATTACK FORCES TRAFFIC OUTSIDE OF ENCRYPTED TUNNEL” »
A vulnerability exists that could allow a bad actor to bypass authentication and gain admin access to Delinea Secret Server which is a Privileged Access Management solution. Attackers could potentially extract secrets. The vulnerability exists in the Secret Server SOAP API. Information on the vulnerability and a PoC are already available from a blog post … Read More “CRITICAL VULNERABILITY IN Delinea Secret Server ALLOWS AUTH BYPASS” »
Evan Boehs has provided a detailed analysis and timeline of the xz Utils backdoor. Evan has gone in detail into the why of the compromise, how the threat actor leveraged the culture of the open source software community to gain the trust and experience needed to attempt rolling a malicious backdoor out to a very … Read More “ADDITIONAL ANALYSIS ON THE xz Utils BACKDOOR” »
Malicious code has been detected in xz Utils that appears to be intended to create a backdoor in sshd. xz Utils is a common compression utility used in many Linux distros including Debian and Red Hat. according to a researcher from Analygence the malicious versions of xz Utils were not added to production versions of … Read More “BACKDOOR IN WIDELY USED Linux UTILITY TARGETS SSH CONNECTIONS” »
Exploit code is now available for CVE-2021-1675 allowing for Remote Code Execution. This vulnerability allows an unauthenticated bad actor to execute code as SYSTEM on vulnerable systems. Microsoft has released an advisory and patches are available here. There are reports that the patches alone are not sufficient at this time so you may want to … Read More “PrintNightmare – REMOTE CODE EXECUTION in Windows Spooler Service CVE-2021-1675” »
At this time there are now multiple exploits available for CVE-2020-0688 which allows for Remote Code Execution on servers running a vulnerable version of Microsoft Exchange. This code is executed as SYSTEM and the CVSS score for this vulnerability is 9.0 HIGH. Authentication is required, however, due to Outlook Web Access this could be easy … Read More “Microsoft Exchange CVE-2020-0688 – MULTIPLE EXPLOITS AVAILABLE” »
A security vulnerability was revealed earlier this week in the Nvidia GeForce Experience. If you are not familiar this is Nvidia’s preferred, (meaning default), method of delivering drivers to their video cards. Most gamers using Nvidia cards likely have this application installed to keep their drivers updated. It also includes the ability to take screenshots … Read More “NVIDIA GEFORCE EXPERIENCE OS COMMAND INJECTION” »