Antivirus is Dead...Long Live Antivirus

Ingalls has worked Incident Response for over 10 years; in that time we have seen some of the nastiest data breaches and a lot of victims who thought they were safe because they were using popular antivirus software. We’ve seen what works and what

02 Sep 2021

SolarWinds Serv-U RCE 0-Day Vulnerability (CVE-2021-35211)

Microsoft recently informed SolarWinds about a Remote Memory Escape vulnerability that can result in Remote Code Execution in the SolarWinds Serv-U Managed File Transfer Server and Serv-U Secured FTP products. Microsoft provided SolarWinds with a

13 Jul 2021

PrintNightmare Update (CVE-2021-34527)

Microsoft has completed the investigation and has released security updates to address this vulnerability. It is recommended that these updates be installed immediately. Note that the security updates released on and after July 6, 2021, contain

07 Jul 2021

PrintNightmare Vulnerability (CVE-2021-1675)

CVE-2021-1675 (aka PrintNightmare) is a vulnerability in the built-in Windows “Print Spooler” service. Microsoft released a patch for CVE-2021-1675 as a low-severity vulnerability on June 8. However, it has since been determined that the

01 Jul 2021

VMware vCenter Vulnerabilities

VMware refers to these two vulnerabilities collectively as VMSA-2021-0010.
  • CVE-2021-21985 - The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is

22 Jun 2021

Buffer overflow vulnerability in SonicWall products (CVE-2021-20027)

A buffer overflow vulnerability in SonicOS could allow a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request to the firewall’s web interface. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and

16 Jun 2021