QueueJumper (CVE-2023-21554) Enables Remote Execution with MSMQ
With CVE-2023-21554 aka QueueJumper, an attacker can use TCP port 1801 to execute code remotely and without authorization on a MSMQ-enabled server — effectively taking over the server.
Read MorePatch Released For Sophos Firewall RCE Vulnerability (CVE-2022-1040)
An authentication bypass vulnerability (CVE-2022-1040) that allowed for remote code execution (RCE) was discovered in the User Portal and Webadmin of Sophos Firewall.
Read MorePrintNightmare (CVE-2021-1675 and CVE 2021-34527) Explained
Proof-of-concept exploit code was published on Github on June 29, 2021 for a vulnerability (CVE-2021-1675) in Print Spooler.
Read MoreHow Blumira Helped Fechheimer Evade a HAFNIUM Exchange Attack
Blumira's customer, Fechheimer, was able to successfully evade a Microsoft Exchange attack. Learn how Blumira helped them to detect the incident early.
Read MoreHow To Detect Password Lists With Blumira
When users engage in risky behavior, security teams should know about it. Here's how Blumira can detect and alert you about password lists.
Read MoreHow to Disrupt the Ransomware Kill Chain
Ransomware attacks often start with indicators that are easy to overlook. Learn how to identify and detect each stage in the ransomware kill chain.
Read More