The Federal Bureau of Investigation (FBI) has issued a report of cybercriminals using AvosLocker ransomware to target 52 entities across critical infrastructure sectors. The report includes the latest indicators of compromise (IoC) on the ransomware threat.
FBI: AvosLocker Ransomware targets victims in critical infrastructure sectors Read More »
A CRI-O vulnerability CVE-2022-0811 in Kubernetes could allow an attacker to take control of affected Kubernetes environment, as well as other software/environments that use CRI-O runtime containers.
CRI-O vulnerability could allow an attacker to take control of Kubernetes environment Read More »
The Internet Systems Consortium (ISC) has released security updates that fix two High risk vulnerabilities in multiple versions of ISC Berkeley Internet Name Domain (BIND). Two Medium severity issues were also addressed.
BIND fixes two High risk vulnerabilities (CVE-2022-0635 and CVE-2022-0667) Read More »
OpenSSL has patched one High risk vulnerability CVE-2022-0778 in certain OpenSSL versions. As a result, a bad actor could cause an Infinite loop in the BN_mod_sqrt() function that could result in a denial of service (DoS) condition.
OpenSSL patches one High risk vulnerability (CVE-2022-0778) Read More »
Drupal has patched two Moderately Critical HTML processing and denial of service vulnerabilities (CVE-2022-24728 and CVE-2022-24729) that affect multiple versions of Drupal Core.
Drupal fixes 2 Moderately Critical vulnerabilities (CVE-2022-24728 and CVE-2022-24729) Read More »
WordPress has released WordPress 5.9.2 security and maintenance update that includes fixes for three vulnerabilities.
WordPress security update (5.9.2) fixes 3 vulnerabilities Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include SonicWall SonicOS, Windows UPnP, and other Microsoft Windows vulnerabilities.
Apple releases security updates for iOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3 and other products.
Google has released Chrome 99.0.4844.74 for Windows, Mac and Linux with fixes for 11 vulnerabilities, one rated Critical severity.
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.” The guidelines include many best practices on how organizations and secure their CI/CD pipeline and enhance the software delivery processes.
DevSecOps best practices to secure cloud-native and microservices-based applications Read More »
