Experts had been warning for weeks that there would be issues resulting from the expiration of root CA certificates provided by Lets Encrypt.
Source: Read More (Latest topics for ZDNet in Security)
You might be interested in …
[HackerNews] Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative
Cybersecurity researchers have disclosed new security vulnerabilities in the Etherpad text editor (version 1.8.13) that could potentially enable attackers to hijack administrator accounts, execute system commands, and even steal sensitive documents. The two flaws — tracked as CVE-2021-34816 and CVE-2021-34817 — were discovered and reported on June 4 by researchers from SonarSource, following Source: Read […]
[SANS ISC] VMware Security Advisory VMSA-2021-0010, (Tue, May 25th)
VMware has issued a critical security advisory VMSA-2021-0010 (CVSSv3 score ranging from 6.5-9.8). The products affected are VMware vCenter Server and VMware Cloud Foundation, and addresses CVE-2021-21985 and CVE-2021-21986 [1]. References: [1] https://www.vmware.com/security/advisories/VMSA-2021-0010.html ———– Yee Ching Tok, ISC Handler Personal Site Twitter (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. […]
[SANS ISC] Russian Dolls VBS Obfuscation, (Fri, Jun 4th)
We received an interesting sample from one of our readers (thanks Henry!) and we like this. If you find something interesting, we are always looking for fresh meat! Henry’s sample was delivered in a password-protected ZIP archive and the file was a VBS script called “presentation_37142.vbs” (SHA256:2def8f350b1e7fc9a45669bc5f2c6e0679e901aac233eac63550268034942d9f). I uploaded a copy of the file on MalwareBazaar[1]. […]