Category: Vulnerability Research

Microsoft Exchange Server Zero-Days

(By: William Beard on March 25, 2021) Executive Summary CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-26865 are four zero-day vulnerabilites that were used recently by the state-sponsored Chinese based threat actor HAFNIUM and other threat actors to infiltrate Microsoft Exchange servers.  Once inside, the attackers would deploy web shells, exfiltrate data, deploy ransomware and execute other malicious attacks […]

SolarWinds Hack

(By: William Beard on February 18, 2021) Introduction In June 2020, SolarWinds, a software development company based out of Austin, Texas, reported a breach in their supply chain for Orion IT monitoring and management software, also known as the “Sunburst” [1] or “Solorigate” [3] attack.  This breach is significant because SolarWinds and its Orion software are used by […]

Comcast TV Remote “WarezTheRemote” Vulnerability can Turn into a Listening Device

Introduction Comcast security researcher team disclosed a vulnerability found in the Comcast XR11 TV remote called “WarezTheRemote” allowing an attacker to record audio without the user’s interaction [1]. What makes this remote different from a traditional one is the capabilities of voice-activation giving the users the ability to change channels or applications without having to […]

Microsoft Windows “ZeroLogon” Vulnerability Impacts Samba

Introduction Earlier this month Microsoft announced a privilege-escalation vulnerability or “ZeroLogon” with a Common Vulnerability Scoring System (CVSS) score of 10.0 of 10.0 making it critically severe. It was said that on September 18, 2020 Department of Homeland Security (DHS) “issued an Emergency Directive requiring all federal agencies to address the flaw within three days, […]

CVE-2020-1472 – Windows Microsoft “Zerologon” or “NetLogon” Vulnerability Exploit Released

Introduction On September 11, 2020 Secura, a digital security advisor company discovered and announced the Microsoft “Zerologon” or “NetLogon” vulnerability, with a Common Vulnerability Scoring System (CVSS) score of 10.0 of 10.0 making it critically severe [1]. “An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the […]

CVE-2020-9992 Apple iOS High-Severity Privilege-Escalation Vulnerability

Introduction On September 16, 2020 International Business Machines (IBM) X-Force reported high-severity vulnerability with a Common Vulnerability Scoring System (CVSS) score of 7.3 out of 10 impacting iPhone 6s and newer models devices. The privilege-escalation vulnerability could be executed by tricking a target to open a specially crafted file [1]. Vulnerability The vulnerability is tied […]

WordPress File Manager Plugin Affected by a Zero-Day Vulnerability

Introduction On September 01, 2020, a zero-day vulnerability on a WP (WordPress) File Manager plugin that was said to be installed on more than 700,000 sites was found and patched all within the same day. The vulnerability gives “attackers the ability to upload files and execute code remotely on an affected site” [1] the bug […]

CVE-2020-6492 a use-after-free Vulnerability Fixed for Google Chrome Version 85

Introduction Google Chrome Version 85 has made its way to the stable version the last week of August 2020 making 20 security fixes [1]. There were 14 vulnerabilities patches that was discovered by external researchers. None of flaws were deemed a rating of critical risk, however there was a vulnerability that was found that Google […]

ɑmɑzon.com or amazon.com: Which One Would You Click?

Introduction Domain name spoofing is a popular technique used in phishing campaigns to trick people into clicking on a malicious link. There is typosquatting that use slight misspellings of a domain name, and homograph spoofs that substitute characters in the domain for similar looking characters. Domain characters use Latin scripts and are commonly spoofed using […]

More than One Billion Devices Affected by Wi-Fi Encryption Vulnerability

Introduction Many devices produced today are all headed towards connectivity to the Internet and becoming part of the Internet of things (IoT). These IoT devices can make life easier as more processes around home become automated. However, this also increases the attack surface of a network as more connected devices are made available for adversaries. […]