Vulnerabilities & Threats that Matter 13 June – 19 June 2022
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 798 53 1 109 4 13 For a detailed threat digest, download the pdf file here Summary The first week of June 2022 witnessed the discovery of 798 vulnerabilities out of which 53 …
Iranian APT targets Middle East’s Energy & Telecommunications industry
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary A new campaign has been launched by a state-sponsored Iranian APT group, Lyceum to target organizations from the Middle East in the energy and telecommunication sectors. They have been observed deploying a …
Deserialization of untrusted data by Fastjson library leads to RCE
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Applications using the Fastjson java library are impacted by remote code execution vulnerability. …
GALLIUM targets Telecommunications sector using new PingPull tool
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary A new, difficult-to-detect remote access trojan known as PingPull has been discovered and is used by GALLIUM (also known as Softcell), an APT group. They have expanded by targeting telecommunications, finance and …
Attackers can bypass authentication in Cisco SMA & ESA
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary An attacker can login into a web management interface of an affected system to perform bypass authentication remotely. …
Unauthenticated remote user can reset administrator password in Citrix ADM
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary An unauthorized remote user can corrupt the system which can lead to an administrator password reset to default on the next reboot. …
Security updates for Adobe Animate June 2022
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Adobe has issued a security update for Adobe Animate. The update resolves a critical vulnerability at priority 3 (as per Adobe) that could lead to arbitrary code execution in the context of …
Security updates for Adobe InCopy June 2022
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Adobe has released security updates in Adobe InCopy that address critical vulnerabilities at priority 3 (as per Adobe). These vulnerabilities could lead to arbitrary code execution. …
Security updates for Adobe InDesign June 2022
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Adobe has released security updates in Adobe InDesign that addresses critical vulnerabilities at priority 3 (as per Adobe). These vulnerabilities could lead to arbitrary code execution on target systems, if successfully exploited. …
Security updates for Adobe Illustrator June 2022
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Adobe has released security updates in Adobe Illustrator that addresses critical vulnerabilities at priority 3 (as per Adobe). These vulnerabilities could lead to arbitrary code execution on target systems and memory leak. …