Exploit

Cisco warns of active exploits against Cisco ASA XSS vulnerability (CVE-2020-3580)

Cisco issued an updated advisory warning of active exploits in the wild against a Cisco security appliance XSS vulnerability CVE-2020-3580. Proof of concept (PoC) exploit code has also been released to the public.

Tags: , , , , , , ,

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated)

Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019. The tech giant also published interim mitigations if organizations can not patch immediately, as well as an IOC detection tool.

Tags: , , , , , , ,