Getty Images reader comments 1 with 1 posters participating Share this story Exploit code was released this week for a just-patched vulnerability in VMware Cloud Foundation and NSX Manager appliances that allows hackers with no authentication to execute malicious code with the highest system privileges. VMware patched the vulnerability, tracked as CVE-2021-39144, on Tuesday and… Read More »
The_Grim_Sleeper reader comments 26 with 24 posters participating Share this story Bandai Namco, publisher of the Dark Souls role-playing game series, has taken down its player-versus-player servers while it investigates reports of a serious vulnerability that allows players to execute malicious code on the PCs of fellow players. Word of the critical remote-code-execution flaw emerged… Read More »
reader comments 20 with 16 posters participating Share this story A public proof-of-concept (PoC) exploit has been released for the Microsoft Azure Active Directory credentials brute-forcing flaw discovered by Secureworks and first reported by Ars. The exploit enables anyone to perform both username enumeration and password brute-forcing on vulnerable Azure servers. Although Microsoft had initially… Read More »
Enlarge / This isn’t how the OMIGOD vulnerability works, of course—but lightning is much more photogenic than maliciously crafted XML. reader comments 31 with 20 posters participating, including story author Share this story Cloud security vendor Wiz—which recently made news by discovering a massive vulnerability in Microsoft Azure’s CosmosDB-managed database service—has found another hole in Azure.… Read More »
Enlarge / Cosmos DB is a managed database service offering—including both relational and noSQL data structures—belonging to Microsoft’s Azure cloud infrastructure. reader comments 44 with 22 posters participating, including story author Share this story Cloud security vendor Wiz announced yesterday that it found a vulnerability in Microsoft Azure’s managed database service, Cosmos DB, that granted… Read More »
reader comments 106 with 75 posters participating, including story author Share this story This weekend, security researcher jonhat disclosed a long-standing security bug in the Synapse software associated with Razer gaming mice. During software installation, the wizard produces a clickable link to the location where the software will be installed. Clicking that link opens a File… Read More »