[HackerNews] New High-Severity Vulnerability Reported in Pulse Connect Secure VPN

Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges.
“Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user,”

Source: Read More (The Hacker News)

You might be interested in …

[SANS ISC] ISC Stormcast For Wednesday, June 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7534, (Wed, Jun 9th)

All posts, Sans-ISC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Source: Read More (SANS Internet Storm Center, InfoCON: green)

Read More

[ZDNet] Kaseya victim struggling with decryption after REvil goes dark

All posts, ZDNet

One victim of the Kaseya attack is left with few options for help now that their decryptor is not working and REvil’s help desk has vanished. Source: Read More (Latest topics for ZDNet in Security)

Read More

[ThreatPost] Microsoft: Big Cryptomining Attacks Hit Kubeflow

All posts, ThreatPost

Misconfigured dashboards are yet again at the heart of a widespread, ongoing cryptocurrency campaign squeezing Monero and Ethereum from Kubernetes clusters. Source: Read More (Threatpost)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.