Blueliv Intelligence Briefing

Your cybersecurity news summary

Tuesday,   August 11th,   2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

New zero-day RCE vBullentin bug patched

The zero-day is a bypass for a patch from a previous vBulletin zero-day — namely CVE-2019-16759, disclosed in September 2019. The previous zero-day allowed attackers to exploit a bug in the vBulletin template system to run malicious code and take over forums without needing to authenticate on the victim sites (a type of bug called a pre-auth RCE). However, a researcher said he found a simple way to bypass the patch and continue to exploit the same CVE-2019-16759 vulnerability Learn more >

Demo Free Trial MSSP