March 2022 - Page 3 of 4

Adobe has released security updates for Adobe Photoshop, Illustrator and After Effects

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 8, 2022 / Adobe, After Effects, CVE-2022-23187, CVE-2022-24094, CVE-2022-24095, CVE-2022-24096, CVE-2022-24097, Illustrator, Photoshop

Adobe has released security updates for Adobe Photoshop, Illustrator and After Effects products.

Adobe has released security updates for Adobe Photoshop, Illustrator and After Effects Read More »

Mozilla releases Firefox 98 with fixes for 4 High severity vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 8, 2022 / CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, Firefox, Firefox98

The Mozilla Foundation has patched four High risk vulnerabilities in Firefox 98, as well as a number of other bug fixes.

Mozilla releases Firefox 98 with fixes for 4 High severity vulnerabilities Read More »

Microsoft March 2022 Security Updates (fixes for 71 vulnerabilities, 3 Critical)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 8, 2022 / CVE-2022-21990, CVE-2022-22006, CVE-2022-23277, CVE-2022-24501, Exchange, HEVC, VP9

The Microsoft March 2022 Security Updates includes patches and advisories for 71 vulnerabilities, 29 of those remote code execution flaws and three rated Critical.

Microsoft March 2022 Security Updates (fixes for 71 vulnerabilities, 3 Critical) Read More »

CISA adds 11 vulnerabilities to Known Exploited Vulnerabilities Catalog (including recent Firefox zero-days)

Vulnerabilities & Exploits / Frank Crast / March 8, 2022 / CVE-2019-11581, CVE-2021-21973, CVE-2022-26485, CVE-2022-26486, Firefox, VMware, vSphere

The Cybersecurity and Infrastructure Security Agency (CISA) has added 11 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include two Firefox zero-days, VMware, Pulse Secure, Atlassian Jira Server, Netgear and Adobe product vulnerabilities.

CISA adds 11 vulnerabilities to Known Exploited Vulnerabilities Catalog (including recent Firefox zero-days) Read More »

NIST SP 800-204C: Implementation of DevSecOps for a Microservices-based Application with Service Mesh

Application Security, Cloud Security, Configuration Management, Standards & Guidelines / Frank Crast / March 8, 2022 / DevSecOps, NIST, SP 800-204C

he National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.”

NIST SP 800-204C: Implementation of DevSecOps for a Microservices-based Application with Service Mesh Read More »

Google releases Chrome OS security updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 8, 2022 / Chrome OS, Vulnerabilities

Google has released Chrome OS 99.0.4844.57 security update for Chrome OS devices to fix six vulnerabilities, three rated High severity.

Google releases Chrome OS security updates Read More »

Mozilla patches 2 Critical Firefox zero-day security flaws under attack in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / March 8, 2022 / CVE-2022-26485, CVE-2022-26486, Firefox, Firefox97, Mozilla, Zero-day

The Mozilla Foundation has patched two Critical zero-day vulnerabilities in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0. There are also reported attacks in the wild against each of these flaws.

Mozilla patches 2 Critical Firefox zero-day security flaws under attack in the wild Read More »

Linux Cgroup vulnerability can cause container escape

Vulnerabilities & Exploits / Frank Crast / March 5, 2022 / Cgroup, CVE-2022-0492, Linux, SELinux

A new Linux privileged escalation vulnerability in Cgroups feature could cause container escape on unhardened hosts. This is the third in a line of similar Kernel vulnerabilities that could allow containers to escape.

Linux Cgroup vulnerability can cause container escape Read More »

CISA adds 95 vulnerabilities to Known Exploited Vulnerabilities Catalog

Vulnerabilities & Exploits / Frank Crast / March 4, 2022 / Cisco, CVE-2019-16928, CVE-2020-1938, CVE-2022-20699, CVE-2022-20700, CVE-2022-20701, CVE-2022-20703, CVE-2022-20708, Exim, Ghostcat, NSA, Routers, Sandworm, Small Business

The Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include Apache Tomcat “Ghostcat”, Exim and Cisco Small Business RV routers, among others.

CISA adds 95 vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

IsaacWiper: another disk wiping malware targets Ukraine systems

Cybercrime, Cybersecurity Attacks, Malware / Frank Crast / March 2, 2022 / HermeticWiper, IsaacWiper, malware, WhisperGate

Following on the footsteps of other destructive disk-wiping malware attacks, ESET researchers have also discovered a second wiper malware dubbed IsaacWiper targeting governmental networks in Ukraine.

IsaacWiper: another disk wiping malware targets Ukraine systems Read More »