2020 - Page 21 of 30

Google releases Chrome security update (81.0.4044.129)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 28, 2020 / Chrome, Chrome 81, CVE-2020-6461, CVE-2020-6462

Google has released Chrome 81.0.4044.129 for Windows, Mac and Linux. An attacker could exploit these vulnerabilities to take control of impacted systems.

Google releases Chrome security update (81.0.4044.129) Read More »

OpenSSL patches High risk vulnerability (CVE-2020-1967)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 24, 2020 / CVE-2020-1967, DOS, OpenSSL, SSL_check_chain, TLS 1.3

OpenSSL patched a high severity vulnerability CVE-2020-1967 in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.

OpenSSL patches High risk vulnerability (CVE-2020-1967) Read More »

Microsoft releases patch for Autodesk FBX library RCE vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 23, 2020 / Autodesk, CVE-2020-7080, CVE-2020-7081, CVE-2020-7082, CVE-2020-7083, CVE-2020-7084, CVE-2020-7085, FBX Library, Microsoft, Office 2019, Office 365

Microsoft has released a new patch for multiple remote code execution (RCE) vulnerabilities in software that uses the Autodesk FBX library.

Microsoft releases patch for Autodesk FBX library RCE vulnerabilities Read More »

Google releases Chrome security update (81.0.4044.122)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 22, 2020 / Android, Chrome, Chrome 81, CVE-2020-6458, CVE-2020-6459, CVE-2020-6460

Google has released Chrome 81.0.4044.122 for Windows, Mac and Linux, as well as a new beta version of Chrome for Android.

Google releases Chrome security update (81.0.4044.122) Read More »

Spearphishing campaign targets Oil and Gas sector to drop Agent Tesla malware

Cybersecurity Attacks, Malware, Phishing / Frank Crast / April 21, 2020 / Agent Tesla, Bitdefender, energy, malware, Oil and Gas, phishing, Spearphishing

Security researchers have spotted a spearphishing campaign that targets companies in the oil and gas sector to drop Agent Tesla malware.

Spearphishing campaign targets Oil and Gas sector to drop Agent Tesla malware Read More »

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Identity & Access Management, Network Security, Password Management, Vulnerabilities & Exploits / Frank Crast / April 17, 2020 / Active Directory, CISA, CVE-2019-11510, DHS, Juniper, passwords, Pulse Secure, VPN

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices Read More »

Google releases Chrome security update (81.0.4044.113)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 16, 2020 / Android, Chrome, Chrome 81, CVE-2020-6457

Google has released Chrome 81.0.4044.113 for Windows, Mac and Linux, as well as a new version of Chrome for Android.

Google releases Chrome security update (81.0.4044.113) Read More »

Cisco Critical security updates for IP Phones Web App and UCS Director

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 16, 2020 / Cisco, CVE-2016-1421, CVE-2020-3161, CVE-2020-3239, CVE-2020-3240, CVE-2020-3243, IP Phone, UCS, UCS Director

Cisco has released security patches for Cisco IP Phones Web Application, UCS Director and other products. Five of the vulnerabilities are rated Critical severity and another seven are rated High severity.

Cisco Critical security updates for IP Phones Web App and UCS Director Read More »