• News
  • Security
  • Products
  • About Seqrite
Blogs on Information Technology, Network & Cybersecurity | Seqrite Blog
  • News
  • Security
  • Products
  • About Seqrite

Vulnerability Archive

CVE-2022-26134: Actively Exploited Atlassian OGNL Injection Zero-Day Vulnerability

CVE-2022-26134: Actively Exploited Atlassian OGNL Injection Zero-Day Vulnerability

Estimated reading time: 4 minutes

On June 2, 2022, CVE-2022-26134 “Confluence,” a zero-day remote code execution vulnerability, was discovered in all versions of the Confluence Server and Data Center. The attack was detected to be of high severity (CVSS:9.0/10.0) according to a security advisory...
Read More
July 5, 2022

CVE-2022-30190: Zero-day vulnerability “Follina” in MSDT exploited in the wild

CVE-2022-30190: Zero-day vulnerability “Follina” in MSDT exploited in the wild

Estimated reading time: 5 minutes

On May 30, 2022, CVE-2022-30190 “FOLLINA,” a zero-day remote code execution vulnerability discovered in Microsoft Windows Support Diagnostic Tool (MSDT) with high severity (CVSS:9.3). This MSDT tool diagnoses issues with applications such as Microsoft Office documents. Initial attack vector...
Read More
June 10, 2022

Threat Advisory: CVE-2022-30190 ‘Follina’ – Severe Zero-day Vulnerability discovered in MSDT

Threat Advisory: CVE-2022-30190 ‘Follina’ – Severe Zero-day Vulnerability discovered in MSDT

Estimated reading time: 2 minutes

A Zero-day Remote Code Execution Vulnerability with high severity has been identified as CVE-2022-30190 “FOLLINA” in Microsoft Windows Support Diagnostic Tool (MSDT). MSDT is a tool present on Windows version 7 and above and is used for diagnosis of...
Read More
June 3, 2022

Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework

Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework

Estimated reading time: 2 minutes

A Zero-day Remote Code Execution Vulnerability with critical severity has been identified as CVE-2022-22965 aka Spring4Shell or SpringShell in Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19 & older. The Spring Framework is an open-source, popular, feature-rich application...
Read More
April 6, 2022

CVE-2021-44228: New Apache Log4j ‘Log4Shell’ Zero-Day Being Exploited in the Wild

CVE-2021-44228: New Apache Log4j ‘Log4Shell’ Zero-Day Being Exploited in the Wild

Estimated reading time: 3 minutes

A critical zero-day vulnerability (CVE-2021-44228) recently discovered Apache Log4J, the popular java open source logging library used in countless worldwide applications. The maximum severity vulnerability has been identified as ‘Log4Shell’, which, if exploited, could permit a remote attacker to...
Read More
December 15, 2021

CVE-2019-11815: Experts discovered a privilege escalation vulnerability in the Linux Kernel

Estimated reading time: 2 minutes

Red Hat engineers and experts discovered a memory corruption vulnerability in Linux kernel, which is basically a flaw while implementation of RDS (Remote desktop Protocol) over TCP. This flaw has affected Red Hat, Ubuntu, Debian and SUSE and security...
Read More
May 27, 2019

Sophisticated Ransomware : “Katyusha”

Sophisticated Ransomware : “Katyusha”

Estimated reading time: 6 minutes

For several months, Quick Heal Security Labs has been observing an increase in ransomware, we have found one more interesting ransomware which encrypts files and adds extension “.katyusha” and demands for an amount of 0.5 btc within three days and threatens to...
Read More
December 14, 2018
  • 17
    Shares

Obfuscated Equation Editor Exploit (CVE-2017-11882) spreading Hawkeye Keylogger

Obfuscated Equation Editor Exploit (CVE-2017-11882) spreading Hawkeye Keylogger

Estimated reading time: 6 minutes

Cyber-attacks through phishing emails are increasing and generally, attackers use DOC embedded macros to infiltrate victim’s machine. Recently Quick Heal Security Labs came across a Phishing e-mail sample which uses Microsoft’s equation editor exploit to spread Hawkeye keylogger. Cybercriminals...
Read More
November 1, 2018
  • 5
    Shares

CVE-2018-8174 – Windows VBScript Engine Remote Code Execution Vulnerability

CVE-2018-8174 – Windows VBScript Engine Remote Code Execution Vulnerability

Estimated reading time: 1 minute

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows...
Read More
May 10, 2018

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’

Estimated reading time: 4 minutes

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns...
Read More
February 5, 2018
1
1 2 Next →
Popular Posts
  • 5 Security measures you should take to protect your organization’s network 5 Security measures you should take to protect your organization’s network August 11, 2017
  • Benefits of having Intrusion Prevention/Detection System in your enterprise Benefits of having Intrusion Prevention/Detection System in your enterprise February 15, 2018
  • Uncovering LockBit Black’s Attack Chain and Anti-forensic activity Uncovering LockBit Black’s Attack Chain and Anti-forensic activity February 1, 2023
Featured Authors
  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..
  • Jayesh Kulkarni
    Jayesh Kulkarni

    Jayesh is working as a Security Researcher for a couple of years. He likes to...

    Read more..
Stay Updated!
Topics
apt (11) Cyber-attack (32) cyber-attacks (56) cyberattack (11) cyberattacks (12) Cybersecurity (301) cyber security (26) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (103) Enterprise security (15) EPS (10) Exploit (12) firewall (11) hackers (11) IoT (10) malware (64) malware attack (23) malware attacks (12) MDM (25) Microsoft (14) Network security (18) Patch Management (12) phishing (18) Ransomware (60) ransomware attack (29) ransomware attacks (30) ransomware protection (12) security (10) Seqrite (26) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (15) windows (11)
Products
  • Seqrite MSSP Portal
  • HawkkScan
  • HawkkProtect
  • HawkkHunt XDR
  • HawkkEye
  • HawkkEye Endpoint Security Cloud
  • HawkkEye mSuite
  • HawkkEye Workspace
  • Endpoint Security (EPS)
  • Unified Threat Management
  • Antivirus for Server
  • Antivirus for Linux
Resources
  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies
About Us
  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom
Archives
  • By Date
  • By Category

© 2022 Quick Heal Technologies Ltd. Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.