Microsoft fixes four zero-day flaws in Exchange Server exploited by China’s ‘Hafnium’ spies to steal victims’ data

Patch ASAP: Holes used to raid top-tier targets and stash info in Kim Dotcom’s old cloud file locker Microsoft says Beijing-backed hackers are exploiting four zero-day vulnerabilities in Exchange Server to steal data from US-based defense contractors, law firms, and infectious disease researchers.… The Register – Security

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

Microsoft has released emergency patches to address four previously undisclosed security flaws in Exchange Server that it says are being actively exploited by a new Chinese state-sponsored threat actor with the goal of perpetrating data theft. Describing the attacks as “limited and targeted,” Microsoft Threat Intelligence Center (MSTIC) said the adversary used these vulnerabilities to access The Hacker […]

Patch your Exchange email server now! flaws exploited by hackers to download corporate email

Microsoft has released emergency security patches for four zero-day vulnerabilities in its Exchange email server software, widely used by businesses. Graham Cluley

Another Remote Code Execution flaw in WebLogic exploited in the wild

Oracle released emergency patches for another critical remote code execution vulnerability affecting WebLogic Server. On Tuesday, Oracle released emergency patches for another critical remote code execution vulnerability affecting the WebLogic Server. The vulnerability, tracked as CVE-2019-2729, affects WebLogic versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The vulnerability is a remotely exploitable deserialization vulnerability via XMLDecoder in Oracle WebLogic […]

Awoogah! Awoogah! Firefox fans urged to update and patch zero-day hole exploited in the wild by miscreants

Just make sure you’re running the latest version Mozilla has released an emergency critical update for Firefox to squash a zero-day vulnerability that is under active attack.… The Register – Security

Next Page »