Update Chrome now! Google issues patch for zero day spotted in the wild

Categories: Exploits and vulnerabilities

Categories: News

Tags: 104.0.5112.101

Tags: Google

Tags: Chrome

Tags: CVE-2022-2852

Tags: CVE-2022-2856

Tags: CVE-2022-2854

Tags: CVE-2022-2853

Tags: UAF

Tags: heap buffer overflow

Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild.

(Read more…)

The post Update Chrome now! Google issues patch for zero day spotted in the wild appeared first on Malwarebytes Labs.

Read more

[updated] Thousands of Zimbra mail servers backdoored in large scale attack

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

(Read more…)

The post [updated] Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.

Read more

Researchers found one-click exploits in Discord and Teams

Categories: Exploits and vulnerabilities

Categories: News

Tags: Discord

Tags: Spotify

Tags: MicrosoftTeams

Tags: Electron

Tags: ElectronJS

Tags: NodeJS

Tags: V8 Chrome

Tags: Log4Shell

Tags: Log4j

A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, and many others

(Read more…)

The post Researchers found one-click exploits in Discord and Teams appeared first on Malwarebytes Labs.

Read more

Thousands of Zimbra mail servers backdoored in large scale attack

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

(Read more…)

The post Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.

Read more

Update now! Microsoft fixes two zero-days in August’s Patch Tuesday

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: patch Tuesday

Tags: MSDT

Tags: NFS

Tags: PPP

Tags: Exchange

Tags: CVE-2022-34713

Tags: CVE-2022-35743

Tags: DogWalk

Tags: CVE-2022-30134

Tags: CVE-2022-24477

Tags: CVE-2022-24516

Tags: CVE-2022-30133

Tags: CVE-2022-34715

Tags: Adobe

Tags: Cisco

Tags: Google

Tags: Android

Tags: SAP

Tags: VMWare

Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft’s fixed and a brief look at what other vendors did.

(Read more…)

The post Update now! Microsoft fixes two zero-days in August’s Patch Tuesday appeared first on Malwarebytes Labs.

Read more

Patch now! Cisco VPN routers are vulnerable to remote control

Credit to Author: Pieter Arntz| Date: Sun, 07 Aug 2022 11:14:14 +0000

Cisco has released a security advisory about some serious security vulnerabilities in multiple Cisco small business VPN routers.

The post Patch now! Cisco VPN routers are vulnerable to remote control appeared first on Malwarebytes Labs.

Read more

Update now! VMWare patches critical vulnerabilities in several products

Credit to Author: Pieter Arntz| Date: Wed, 03 Aug 2022 13:27:47 +0000

In a critical security advisory VMWare patches multiple RCE and EoP vulnerabilities in several affected products.

The post Update now! VMWare patches critical vulnerabilities in several products appeared first on Malwarebytes Labs.

Read more