Microsoft released a patch for Windows Local Security Authority (LSA) spoofing recently. This was one among the 74 security flaws reported to be fixed with the new patch, including 7 critical, 66 deemed important and 1 low severity. Windows LSA spoofing vulnerability (CVE-2022-26925) is being wildly exploited. As per Microsoft an unauthorised bad actor will
Read More
Malware that targets AWS Lambda Environments A first-of-its-kind malware that is specifically designed to execute in an AWS Lambda environment has been discovered by Cado labs. Even serverless environments are no longer safe. While the malware’s distribution is limited, the discovery of such malware is evidence of bad actors’ advanced technical skills and their interest
Read More
Everyone might have already known that Microsoft announced a feature Windows Autopatch, which will be released in July 2022. This blog is about this new feature that Microsoft is planning to release.Windows Autopatch is a service mainly designed to update the windows and office automatically. This feature will be available for free for those users
Read More
Spring framework is found to have a Remote Code Execution (RCE) flaw. This vulnerability, if exploited successfully, will let the attacker take control of the targeted system. Fortunately, the team behind the framework was successfully able to release a patch to address the flaw. What makes Spring4Shell vulnerability (CVE-2022-22965) very dangerous is the leverage it
Read More