Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises.
To help educate website owne…
Tag: Security Advisory
Europe, Global Security News, North America
Security Advisory Regarding Splunk Enterprise Deployment Servers
by Tom Kopchak
CVE-2022-32158 Details: Hurricane Labs is aware of the recent vulnerability involving Splunk Enterprise deployment servers. This vulnerability was announced by Splunk on 2022-06-14. Successful exploitation of this vulnerability could result in a compro…
Europe, Global Security News, North America, Vulnerabilities
Critical RCE Vulnerability in Elementor WordPress Plugin
by Antony Garand
Security Risk: High
Exploitation Level: Easy
CVSS Score: 9.9
Vulnerability: Remote code execution (RCE)
Patched Version: 3.6.3
On April 12th, an important security update was released for the Elementor plugin patching a critical remote code vulnerabil…
Security Vendor News
Threat Advisory: DDoS Cyberattack Risks Rise as Russia Aggression Continues Against Ukraine
by Danielle
Corero SmartWall® Threat Advisory DDoS Cyberattack risks rise as Russia aggression continues against Ukraine
Europe, Global Security News, North America, Vulnerabilities
Adobe Patches Critical RCE Vulnerability in Magento2
by Ben Martin
On Sunday, February 13th, Adobe pushed an emergency update to their Magento2 ecommerce software patching a critical unauthenticated remote code execution vulnerability. It is marked as CVE-2022-24086 with a CVSS score of 9.8. Website administrators of…
Europe, Global Security News, North America
AccessPress Themes Hit With Targeted Supply Chain Attack
by Ben Martin
Security researchers at Automattic recently reported that the popular WordPress plugin and theme authors AccessPress were compromised and their software replaced with backdoored versions. The compromise appears to have taken place in September of last…
Europe, Global Security News, North America
WordPress 5.8.3 Security Release
by Ben Martin
On January 6th, Automattic released an important security update for the WordPress core which addresses four separate vulnerabilities. WordPress website administrators are advised to update their websites immediately. All WordPress versions between 3….
Europe, Global Security News, North America
Best of 2021 – UCEPROTECT: When RBLs Go Bad
by Marc Kranat
Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these services to verify whether servers and IP addresses are sending spam or…
Europe, Global Security News, North America
Security Advisory Regarding Microsoft Active Directory Vulnerabilities
by Dusty Miller
Summary: On November 9, 2021, Microsoft released two Active Directory vulnerabilities (CVE-2021-42287 and CVE-2021-42278) with patches (KB5008102 and KB5008380). These vulnerabilities continue to fly under the radar due to Log4Shell; however, on Decembe…
Europe, Global Security News, North America
Log4j Vulnerability: The Perfect Holiday Present that Nobody Wants
by Ben Martin
A critical server security vulnerability in the Java logging library Log4j is taking the internet by storm because code to actively exploit this vulnerability is already widely distributed across the web. Originally found on the popular game Minecraft…
Europe, Global Security News, North America
Security Advisory Regarding Log4Shell
by Dusty Miller
Summary: On December 9, there was a Remote Code Execution (RCE) discovered in the Java logging library log4j given CVE-2021-44228. The RCE is triggered by Java-based applications logging the exploit string and executing a remote payload that the string …
Europe, Global Security News, North America
Security Advisory Regarding Remote Code Execution in MSHTML
by Tony Robinson
CVE-2021-40444 Details. Summary of Vulnerability: On September 7th, a security advisory from Microsoft regarding a remote code execution in MSHTML was published by MSRC. According to the advisory, the vulnerability relies on specially crafted Microsoft O…
Europe, Global Security News, North America
Security Advisory Regarding Atlassian Confluence
by Tony Robinson
On August 25th, Atlassian published a Security Advisory for Confluence–server and datacenter releases–described as a “web-based corporate wiki”. To put it simply, Confluence typically serves as a centralized documentation repository. On the eve of Lab…