Introduction iSecurity is publishing threat advisory about critical vulnerabilities that need special attention: An actively exploited authentication bypass vulnerability was identified in ManageEngine ADSefService Plus….
Introduction On October 14th, the SOC at iSecurity observed an active threat where C2 traffic was attempting to contact beacons to the below-mentioned IP addresses….
Introduction Microsoft has published information regarding a zero-day remote code execution vulnerability that exploits MSHTML via a crafted ActiveX control. A successful exploit of MSHTML…
Action A confirmed Phishing email is attempting to harvest credentials anyone who entered credentials or suspect to enter credentials needs to reset the password. We…
Introduction Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary…
Introduction A 0-day remote code execution exploit is being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence…
Mitigation Strategy – Print Spooler Remote Code Execution Vulnerability The vulnerabilities are as follows: • CVE-2021-34527: a remote code execution vulnerability that affects Windows Print…