Belgium's Federal Public Service Interior (i.e., the country's Interior Ministry) has suffered a "complex, sophisticated and targeted cyberattack." When Microsoft released out-of-band security updates for Exchange Server in early March to fix zero-day vulnerabilities exploited by the Hafnium threat actor, the FBS Interior called in the Center for Cybersecurity Belgium (CCB) to help with the patching of their Exchange servers. READ MORE...
A team of researchers from Google has identified a new Rowhammer attack technique that works against recent generations of dynamic random-access memory (DRAM) chips. Rowhammer attacks - first discussed in 2014 - involve repeatedly accessing a row of memory in an effort to cause bit flips in adjacent rows, which can be useful for bypassing memory protections. A malicious actor could use Rowhammer to escalate privileges and for other purposes. READ MORE...
Three security vulnerabilities have been found in Trend Micro's Home Network Security systems, which can allow denial of service (DoS), privilege escalation, code execution and authentication bypass. The Home Network Security Station is an all-in-one device that scans for vulnerabilities for connected devices, performs intrusion detection and allows consumers to control access settings for all devices on the network. READ MORE...
Pulse Secure has issued a workaround for a critical remote-code execution (RCE) vulnerability in its Pulse Connect Secure (PCS) VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. Pulse Secure's parent company, Ivanti, issued an out-of-band advisory on May 14. The company explained that this high-severity bug - identified as CVE-2021-22908 and rated CVSS 8.5 - affects Pulse Connect Secure versions 9.0Rx and 9.1Rx. READ MORE...
Following a devastating cyberattack on the Colonial Pipeline, the Transportation Security Administration-which sits within the government's Department of Homeland Security-will issue its first-ever cybersecurity directive for pipeline companies in the United States, according to exclusive reporting from The Washington Post. The directives are expected to arrive within the week and will require pipeline companies in the US to report any cyberattacks they suffer to the TSA and the Cybersecurity Infrastructure and Security Agency. READ MORE...
Data centers around the world have a new concern to contend with-a remote code vulnerability in a widely used VMware product. The security flaw, which VMware disclosed and patched on Tuesday, resides in the vCenter Server, a tool used for managing virtualization in large data centers. vCenter Server is used to administer VMware's vSphere and ESXi host products, which by some rankings are the first and second most popular virtualization solutions on the market. READ MORE...