Security Leftovers

Posted by Roy Schestowitz on Sep 30, 2022

Excellent Utilities: CopyQ â advanced clipboard manager

Open Hardware: Adafruit and SparkFun

↺ Firewall

Researcher warns of new zero-day in Microsoft Exchange under exploit

↺ Researcher warns of new zero-day in Microsoft Exchange under exploit

> Reports are emerging that a new zero-day exists in Microsoft Exchange and that it is being exploited in the wild, a well-known security researcher has warned.

> Kevin Beaumont said in a series of tweets that he could confirm significant numbers of Exchange servers had been backdoored, including a honeypot.

> He added that while Microsoft appeared to be aware of the new vulnerability, the company had not yet informed its customers.

> Beaumont pointed to a post by a Vietnamese source named GTSC Cyber Security Company that said details of the vulnerability, noticed in August, had been sent to the Zero-Day Initiative which had verified and acknowledged two bugs.

VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere

↺ VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere

> VMWare has released Protecting vSphere From Specialized Malware, addressing malware artifacts known as VirtualPITA (ESXi & Linux), VirtualPIE (ESXi), and VirtualGATE (Windows), which are used to exploit and gain persistent access to instances of ESXi.

Researcher warns of new zero-day in Microsoft Exchange under exploit

↺ Researcher warns of new zero-day in Microsoft Exchange under exploit

Web security flaw in Sophos Firewall patched

↺ Web security flaw in Sophos Firewall patched

> Sophos Firewall v19.0 MR1 (19.0.1) and older are potentially vulnerable to the security bug in the User Portal and Webadmin of Sophos Firewall.

gemini.tuxmachines.org

-- Response ended

-- Page fetched on Sat Jun 1 06:15:59 2024