June 3, 2022
An actively exploited zero-day has surfaced in popular wiki software Confluence. Deemed “critical” in severity, this vulnerability affects all supported versions of Confluence Server and Confluence Data Center, and also older, unsupported versions (i.e. everything after …
May 12, 2022
Microsoft recently released security updates for over 70 vulnerabilities, including 3 zero-days and 7 critical vulnerabilities that affect a wide range of their products and services. The list of patches covers an actively exploited zero-day vulnerability in the Windows …
May 5, 2022
Technology vendor F5 recently published information on over 40 vulnerabilities, mostly affecting their BIG-IP line of products. While these vulnerabilities include a mix of types and severities, a particular authentication bypass vulnerability that can affect all BIG-IP …
April 29, 2022
A critical vulnerability in the Netatalk open source file server software was found in some popular network-attached storage (NAS) devices. Netatalk provides services for the deprecated AFP (Apple Filing Protocol, formerly known as AppleTalk Filing Protocol), and runs on a …
March 30, 2022
Late last week, the U.S. Federal Communications Commission announced it had added Russia-based Kaspersky Lab to its Covered List, maintained by the FCC to identify “entities that pose an unacceptable risk to U.S. national security.” This follows a 2017 action by the U.S. …
March 15, 2022
Veeam recently published information on two vulnerabilities in the Veeam Backup & Replication product, originally reported by Nikita Petrov of Positive Technologies. As of December 16th, CISA has announced the addition of two critical vulnerabilities (tracked as …
March 9, 2022
Researchers at Armis recently published details on three new vulnerabilities affecting cloud-connected APC Smart-UPS devices manufactured by Schneider Electric. Dubbed “TLStorm”, two of these vulnerabilities exist in the firmware TLS implementation, while the …
February 28, 2022
The development team at GitLab issued a new critical security release that patches seven recently disclosed vulnerabilities in GitLab software. Reported by customers, security researchers, and GitLab team members, these vulnerabilities are located in various components of …
February 18, 2022
Popular monitoring tool Zabbix surfaced in security news this week due to two newly disclosed vulnerabilities. Discovered by researchers at SonarSource, successful exploitation of vulnerable Zabbix Frontend targets could allow authentication bypass, configuration changes, …
February 15, 2022
Security researchers with Claroty’s Team82 recently published findings of five discovered vulnerabilities in Moxa’s MXview software. Focused on “industrial network management”, MXview enables management of deployed Operational Technologies (OT) and …