23 October 2020

Vulnerability summary for the week: October 23, 2020

Vulnerability summary for the week: October 23, 2020
A weekly vulnerability digest.

Latest Posts

Coronavirus vaccine-maker Dr. Reddis shuts down operations following a cyber-attack

Coronavirus vaccine-maker Dr. Reddis shuts down operations following a cyber-attack

The company suffered a “mega data breach,” which led to the closure of key units across the UK, the US, Brazil, India, and Russia.
23 October 2020
Energetic Bear APT targets US governments, avaition networks

Energetic Bear APT targets US governments, avaition networks

The hackers are using Windows Netlogon vulnerability to obtain access to Windows Active Directory (AD) servers and elevate privileges.
23 October 2020
Operation Earth Kitsune spies on users via compromised sites

Operation Earth Kitsune spies on users via compromised sites

In order to compromise websites to host malware the attackers used a total of five C&C servers and a slew of RCE and EoP vulnerabilities.
22 October 2020
Loginizer WordPress plugin gets forced security update for severe SQL injection vulnerability

Loginizer WordPress plugin gets forced security update for severe SQL injection vulnerability

Given the severity of the flaw, the WordPress security team has decided to push forced update to all sites running Loginizer on WordPress 3.7 and higher.
22 October 2020