[SecurityWeek] Remote Code Execution Vulnerability Found in AWS WorkSpaces

Rhino Security Labs researchers have identified a vulnerability in the AWS WorkSpaces desktop client that could allow an attacker to execute arbitrary code remotely. Tracked as CVE-2021-38112, the security bug could be triggered when the user opens a malicious WorkSpaces URI from the browser, allowing a remote attacker to execute arbitrary code on the vulnerable […]

Read More

[SecurityWeek] Hundreds of Thousands of Credentials Leaked Due to Microsoft Exchange Protocol Flaw

Cybersecurity researchers have been able to capture hundreds of thousands of Windows domain and application credentials due to the design and implementation of the Autodiscover protocol used by Microsoft Exchange. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SecurityWeek] Flaws in Nagios Network Management Product Can Pose Risk to Many Companies

Researchers have discovered nearly a dozen vulnerabilities in widely used network management products from Nagios. The flaws could pose a serious risk to organizations as these types of products can be a tempting target for malicious actors. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SecurityWeek] White House Blacklists Russian Ransomware Payment ‘Enabler’

The Biden administration sought Tuesday to choke the finances of criminal ransomware gangs, announcing sanctions against a Russia-based virtual currency brokerage that officials say helped at least eight ransomware gangs launder virtual currency. read more Source: Read More (SecurityWeek RSS Feed)

Read More