Welcome to another Morning Bowl breakout:
Microsoft 365 trial offer blocks access to Windows 10 desktops
Windows 10 users are reportedly being blocked from accessing their desktops by full-screen trial offers for the Microsoft 365 productivity suite (formerly Office 365). […]
Google ads push ‘virtualized’ malware made for antivirus evasion
An ongoing Google ads malvertising campaign is spreading malware installers that leverage KoiVM virtualization technology to evade detection when installing the Formbook data stealer. […]
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation.
The first of the two vulnerabilities is CVE-2022-21587 (CVSS score: 9.8), a critical issue impacting versions 12.2.3 to 12.2.11 of the Oracle Web Applications Desktop Integrator product.
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution.
The issue is rooted in the iControl Simple Object Access Protocol (SOAP) interface and affects the following versions of BIG-IP –
188.8.131.52 – 14.1.5
184.108.40.206 – 15.1.8
220.127.116.11 – 16.1.3, and
“A format string vulnerability exists in iControl SOAP
Follow for more…