VMware Releases Fix For Severe View Planner RCE Vulnerability VMware has addressed a high severity unauthenticated RCE vulnerability in VMware View Planner, allowing attackers to abuse servers running unpatched software for remote code execution. View Planner is a free tool for benchmarking desktop client and server-side performance in Virtual Desktop Infrastructure environments. The vulnerability was discovered
Hijacking Traffic To Microsoft’s Windows.com With Bitflipping A researcher was able to “bitsquat” Microsoft’s windows.com domain by cybersquatting variations of windows.com. However, this technique differs from cases where typosquatting domains are used for phishing activities in that it requires no action on the victim’s part. This is due to the nature of a concept known as bit
Hacked SendGrid Accounts Used In Phishing Attacks To Steal Logins A phishing campaign targeting users of Outlook Web Access and Office 365 services collected thousands of credentials relying on trusted domains such as SendGrid. The threat actor behind this activity, which received the name “Compact,” has been operating since at least the beginning of 2020
Windows DNS SIGRed Bug Gets First Public RCE PoC Exploit A working proof-of-concept (PoC) exploit is now publicly available for the critical SIGRed Windows DNS Server remote code execution (RCE) vulnerability. Microsoft issued security updates to address the security flaw tracked as CVE-2020-1350 on July 14, 2020, together with a registry-based workaround that helps protect affected Windows servers from
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
