2020 - Page 15 of 30

Microsoft takes down malicious domains used in COVID-19 related phishing campaign

Cybercrime, Cybersecurity Attacks, Messaging Security, Phishing / Frank Crast / July 8, 2020 / COVID-19, DCU, email, Messaging, Microsoft, phishing

Microsoft has disrupted a major cybercriminal operation designed to take advantage of the COVID-19 pandemic and defraud victims in 62 countries around the world.

Microsoft takes down malicious domains used in COVID-19 related phishing campaign Read More »

F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 4, 2020 / AAM, AFM, Analytics, APM, ASM, BIG-IP, CVE-2020-5902, DNS, F5, FPS, GTM, Link Controller, LTM, PEM, RCE, TMUI

F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.

F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility Read More »

Cisco patches small business switch high risk vulnerability (CVE-2020-3297) and 7 other security issues

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 4, 2020 / Cisco, CVE-2020-3297, Networking, Small Business

Cisco has patched a High severity Cisco small business switch vulnerability (CVE-2020-3297) and 7 other Medium rated issues that affect multiple Cisco products.

Cisco patches small business switch high risk vulnerability (CVE-2020-3297) and 7 other security issues Read More »

Samba security updates fix four vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 4, 2020 / CVE-2020-10730, CVE-2020-10745, CVE-2020-10760, CVE-2020-14303

Samba has released software updates to fix four security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.

Samba security updates fix four vulnerabilities Read More »

Mozilla releases Firefox 78 with new ‘Protections Dashboard’ feature

Password Management, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 2, 2020 / CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12426, Firefox, Firefox 78, Mozilla

The Mozilla Foundation has released Firefox 78 that includes security fixes for multiple vulnerabilities, as well as a new ‘Protections Dashboard’ feature.

Mozilla releases Firefox 78 with new ‘Protections Dashboard’ feature Read More »

Microsoft releases two emergency out-of-band Windows codecs patches

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 1, 2020 / codecs, CVE-2020-1425, CVE-2020-1457, Windows, Windows 10, Windows Server, Windows Server 2019

Microsoft has released two emergency out-of-band Windows Codecs Library patches for multiple Windows 10 and Windows Server versions. The release comes nearly two weeks before the next ‘Patch Tuesday’ updates scheduled for July 14.

Microsoft releases two emergency out-of-band Windows codecs patches Read More »

Palo Alto Networks patches Critical PAN-OS authentication bypass vulnerability (CVE-2020-2021)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 30, 2020 / authentication, CVE-2020-2021, Firewall, Palo Alto Networks, PAN-OS, SAML

Palo Alto Networks has issued a Critical security advisory for PAN-OS authentication bypass in SAML authentication vulnerability CVE-2020-2021.

Palo Alto Networks patches Critical PAN-OS authentication bypass vulnerability (CVE-2020-2021) Read More »

Netgear fixes high risk vulnerability in multiple routers and network devices

Network Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / June 30, 2020 / 0-day, GRIMM, NETGEAR, R6700, RCE, Router, ZDI, Zero-day

Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.

Netgear fixes high risk vulnerability in multiple routers and network devices Read More »

Apache patches Tomcat HTTP/2 DoS vulnerability (CVE-2020-11996)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 29, 2020 / Apache, CVE-2020-11996, CVE-2020-1938, DOS, HTTP/2, Tomcat

The Apache Software Foundation has patched a Tomcat HTTP/2 DoS vulnerability (CVE-2020-11996). A cyber attacker could exploit this vulnerability to cause a denial-of-service (DoS) condition.

Apache patches Tomcat HTTP/2 DoS vulnerability (CVE-2020-11996) Read More »

Cisco says telnet vulnerability affects IOS XE software (CVE-2020-10188)

Configuration Management, Identity & Access Management, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 26, 2020 / Appgate, Cisco, CVE-2020-10188, Debian, Fedora, IOS XE, SSH, Telnet, TTY

Cisco has released a High severity security advisory for a telnet vulnerability that affects Cisco IOS XE software.

Cisco says telnet vulnerability affects IOS XE software (CVE-2020-10188) Read More »