Frank Crast

PRC state-sponsored cyber actors routinely exploit these 16 network device vulnerabilities

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities to gain access to a broad network of compromised infrastructure.

PRC state-sponsored cyber actors routinely exploit these 16 network device vulnerabilities Read More »

CISA issues advisory on vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory on vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X.

CISA issues advisory on vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X Read More »

Atlassian fixes Critical Confluence RCE vulnerability (CVE-2022-26134) exploited in the wild

Atlassian has fixed a Critical severity unauthenticated zero-day RCE vulnerability (CVE-2022-26134) in Confluence Server and Data Center.

Atlassian fixes Critical Confluence RCE vulnerability (CVE-2022-26134) exploited in the wild Read More »

Mozilla releases Firefox 101 with fixes for 8 High severity vulnerabilities

The Mozilla Foundation has patched eight High risk vulnerabilities in Firefox 101, as well as a number of other bug fixes.

Mozilla releases Firefox 101 with fixes for 8 High severity vulnerabilities Read More »

Microsoft issues workaround for Windows Support Diagnostic Tool “Follina” Vulnerability

Microsoft has issued a workaround for a vulnerability in its Microsoft Support Diagnostic Tool (MSDT) “Follina” vulnerability CVE-2022-30190 in Windows.

Microsoft issues workaround for Windows Support Diagnostic Tool “Follina” Vulnerability Read More »

CISA adds 75 vulnerabilities to Known Exploited Vulnerabilities Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has added more than 75 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Cisco, Microsoft, Adobe, Oracle, Linux vulnerabilities and more.

CISA adds 75 vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Zoom patches XMPP vulnerability chain that could allow an attacker to compromise user over Zoom chat

Zoom recommends users upgrade their Zoom client to version 5.10.0 to fix an XMPP vulnerability chain that could enable an attacker to execute remote code and compromise another user over Zoom chat.

Zoom patches XMPP vulnerability chain that could allow an attacker to compromise user over Zoom chat Read More »

Google releases Chrome 102 security updates with fixes for 32 vulnerabilities (1 Critical)

Google has released Chrome for Windows (102.0.5005.61/62/63) and Chrome 102.0.5005.61 for Mac and Linux, with fixes for 32 vulnerabilities.

Google releases Chrome 102 security updates with fixes for 32 vulnerabilities (1 Critical) Read More »