iManage Security Vulnerability due to third-party Apache component Log4j

If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.

iManage Security Vulnerability due to third-party Apache component Log4j2022-02-10T14:06:01-05:00

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

The iManage Security team identified a vulnerability affecting on-premises versions of iManage products. It is an exploit targeting the Apache HTTP Server which if not mitigated, can be exploited under certain conditions.

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)2022-03-22T16:55:00-04:00

[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability

Microsoft has released a patch to mitigate to this vulnerability, we can’t deny the fact that this security flaw has already been exploited by numerous criminal organization – developing into a new ransomware attack and other potential malicious activities. Check this post for options & solutions.

[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability2021-03-16T13:33:35-04:00

Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day Exploits

Hafnium operators deploy web shells on compromised server, creating software backdoors that allow attackers to steal data and perform additional malicious actions that lead to further compromise.

Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day Exploits2022-03-22T17:04:34-04:00