Contact us: (949) 287-3374 Fax: (626) 382-5666

Category: Uncategorized

Time to patch. Critical vulnerability in handling HTTP protocol in Windows 10 / Server

Microsoft released patches addressing a critical RCE vulnerability in Windows. This vulnerability allows an unauthenticated attacker to remotely execute code as kernel. This is a wormable vulnerability where an attacker can simply send a malicious crafted packet to the target impacted web server. Microsoft rates the criticality of this vulnerability at 9.8 / 10 on…

Update your Apple devices

Yes, there was just an update (to 14.5). But security is a process, not a product. It needs to be constantly monitored and improved. Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPot touch (7th generation) Impact:…

New 0-day on Microsoft Exchange…

Devcore team is still on the wave, this time they scooped up $200.000 (under the ZDI program) for another 0day exploit on Microsoft Exchange. This time there aren’t any patches available, but probably they will be very soon We have conducted a security audit for California services regarding the vulnerability in Microsoft Exchange systems. We…

Microsoft Teams. Exploit worth $200.000

The screenshot “Attempt 1”, means that the exploit works very well and it took only one attempt to use it. It is possible to get a code execution on the victim’s computer. Investigator’s award goes up to $ 200,000. What to do ? For now, there’s not much we can do (apart from waiting for…