[updated]Two new Exchange Server zero-days in the wild

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post [updated]Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

Read more

Actively exploited vulnerability in Bitbucket Server and Data Center

Categories: Exploits and vulnerabilities

Categories: News

Tags: Atlassian

Tags: Bitbucket

Tags: git

Tags: CVE-2022-36804

Tags: RCE

Tags: read permission

International cybersecurity authorities are warning about the active exploitation of a vulnerability in Bitbucket Server and Data Center

(Read more…)

The post Actively exploited vulnerability in Bitbucket Server and Data Center appeared first on Malwarebytes Labs.

Read more

Two new Exchange Server zero-days in the wild

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

Read more

Critical WhatsApp vulnerabilities patched: Check you’ve updated!

Categories: Exploits and vulnerabilities

Categories: News

Tags: WhatsApp

Tags: CVE-2022-36934

Tags: CVE-2022-27492

Two RCE vulnerabilities were patched in WhatsApp. Both vulnerabilities were video related and could be used to compromise your device.

(Read more…)

The post Critical WhatsApp vulnerabilities patched: Check you’ve updated! appeared first on Malwarebytes Labs.

Read more

Medtronic’s MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA

Categories: Exploits and vulnerabilities

Categories: News

Medtronic, an insulin pump company, notified its users of a potential risk of attack due to a flaw in its pump’s communication protocol.

(Read more…)

The post Medtronic’s MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA appeared first on Malwarebytes Labs.

Read more

Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities

Categories: Exploits and vulnerabilities

Categories: News

Tags: CVE-2022-40959

Tags: CVE-2022-40960

Tags: CVE-2022-40962

Tags: CVE-2022-3033

Tags: Mozilla

Tags: Firefox

Tags: Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird which could be exploited to take control of a system.

(Read more…)

The post Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities appeared first on Malwarebytes Labs.

Read more

[updated] Important update! iPhones, Macs, and more vulnerable to zero-day bug

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: CVE-2022-22594

Tags: CVE-2022-32917

Apple has patched an actively-exploited flaw that affects a host of devices and software, including iPhones, Macs, iPads, and iPod touch.

(Read more…)

The post [updated] Important update! iPhones, Macs, and more vulnerable to zero-day bug appeared first on Malwarebytes Labs.

Read more