remote code execution Archives - Page 2 of 2

Rackspace Ransomware Incident Highlights Risks of Relying on Mitigation Alone

Issued by: Dark Reading

The recent ransomware incident at Rackspace that took down the company’s hosted Microsoft Exchange server environment has focused attention on the often-risky gamble that security teams take when choosing to mitigate a vulnerability — rather than apply a patch for it. Last week, Rackspace disclosed that a Dec. 2 intrusion into the hosting company’s Exchange…

Application Security

NSA Publishes Guidance on Mitigating Software Memory Safety Issues

Issued by: Security Week

Caused by how programs manage or allocate memory, logic errors, incorrect order of operations, or the use of uninitialized variables, software memory safety issues are often exploited for remote code execution (RCE). Representing the most common cause of vulnerabilities in many cases (Microsoft and Google blame memory safety issues for 70% of their bugs), memory…

Malware & Threats

VMware Warns of Exploit for Recent NSX-V Vulnerability

Issued by: Security Week

An end-of-life (EOL) product installed as a plug-in to VMware vCenter Server, NSX-V is a network virtualization solution offering networking and security functionality, including VPN, logical switching and routing, and more. The product is bundled within VMware Cloud Foundation. Last week, VMware announced the availability of patches for CVE-2021-39144 (CVSS score of 9.8), an RCE…

Vulnerabilities

Log4j: Getting From Stopgap Remedies to Long-Term Solutions

Issued by: Dark Reading

While the worst of Log4Shell may be behind us and much work remains, let’s say “Well done” to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the Log4j vulnerability was last year’s problem, think again. In 2022, this vulnerability will require care and attention to fully…

Vulnerabilities

Microsoft’s PrintNightmare continues, shrugs off Patch Tuesday fixes

Issued by: Blog Malwarebytes

I doubt if there has ever been a more appropriate nickname for a vulnerable service than PrintNightmare. There must be a whole host of people in Redmond having nightmares about the Windows Print Spooler service by now. PrintNightmare is the name of a set of vulnerabilities that allow a standard user on a Windows network…

Software Security

Foxit Plugs Multiple Security Holes in PDF Reader, Editor

Issued by: Security Week

Three of the vulnerabilities addressed by Foxit were identified by Cisco Talos researchers, all three leading to arbitrary code execution. Tracked as CVE-2021-21831, CVE-2021-21870, and CVE-2021-21893, the bugs carry CVSS severity score of 8.8. Due to the manner in which certain JavaScript code or annotation objects are handled, a maliciously crafted PDF file may lead…

Network Security

The Windows Bad Neighbor vulnerability explained — and how to protect your network

Issued by: CSO

In October 2020, Microsoft patched a set of vulnerabilities that included critical networking bugs CVE-2020-16898 and CVE-2020-16899. Known as “Bad Neighbor” or “Ping of Death Redux,” these flaws lurk in the TCP/IP networking implementation in Windows in how incoming ICMPv6 packets are handled under certain conditions. Both CVE-2020-16898 and CVE-2020-16899 represent the Bad Neighbor vulnerability,…