Frank Crast, Author at Securezoo

Google releases Chrome security update (92.0.4515.131) with fixes for 10 vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 2, 2021 / Chrome, Chrome 92, CVE-2021-30590, CVE-2021-30591, CVE-2021-30592, CVE-2021-30593, CVE-2021-30594

Google has released Chrome 92 security update (92.0.4515.131) for Windows, Mac and Linux with fixes for 10 vulnerabilities, 5 rated High severity.

Google releases Chrome security update (92.0.4515.131) with fixes for 10 vulnerabilities Read More »

NSA releases guidance on securing wireless devices in public settings

Cybersecurity Attacks, Endpoint Security, Guidelines, System Hardening, Vulnerabilities & Exploits, Wi-Fi Security / Frank Crast / August 2, 2021 / BlueBorne, Bluebugging, Bluejacking, Bluesnarfing, bluetooth, LLMNR, MFA, NFC, NIST, NSA, SP 800-121, Wi-Fi, Wireless

The National Security Agency (NSA) has released guidance on securing wireless devices in public settings for government national defense entities and the general public. The new 8-page guidance infosheet summarizes ways bad actors target wireless devices as well as good safeguards to protect against such cyberattacks. The NSA warns that although connecting to public Wi-Fi

NSA releases guidance on securing wireless devices in public settings Read More »

Babuk ransomware: Soon to be targeting VMware and *nix systems?

Cybersecurity Attacks, Malware / Frank Crast / August 1, 2021 / ESXi, Golang, Linux, malware, Ransomware

Cybercriminals behind Babuk ransomware announced in an underground forum that they are developing malware targeting Linux/UNIX and VMware ESXi systems.

Babuk ransomware: Soon to be targeting VMware and *nix systems? Read More »

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / July 29, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Top 30 most commonly exploited vulnerabilities over 2020 and 2021 Read More »

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 28, 2021 / AD SC, Certificate Authority, Domain Controller, EPA, IIS, NTLM, PetitPotam, Relay Attack, SMB, Windows

Microsoft has issued guidance on mitigating PetitPotam NTLM relay attacks against Windows domain controllers or other Windows servers.

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks Read More »

Apple fixes zero-day vulnerability (CVE-2021-30807) in macOS Big Sur and iOS

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 27, 2021 / Apple, Big Sur, BigSur115, CVE-2021-30807, iOS, iOS147, macOS

Apple has fixed a zero-day vulnerability CVE-2021-30807 in macOS Big Sur and iOS versions that is under active attack.

Apple fixes zero-day vulnerability (CVE-2021-30807) in macOS Big Sur and iOS Read More »

Microsoft issues workaround for zero-day ‘SeriousSAM’ vulnerability

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 26, 2021 / ACL, CVE-2021–36934, GitHub, HiveNightmare, SAM, SeriousSAM

Microsoft has issued a workaround for a serious zero-day vulnerability CVE-2021–36934 dubbed “SeriousSAM” that could allow an attacker to read any registry hives as a non-administrator.

Microsoft issues workaround for zero-day ‘SeriousSAM’ vulnerability Read More »

Adobe fixes vulnerabilities in multiple products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 23, 2021 / Adobe, Adobe Photoshop, After Effects, Audition, Character Animator, Media Encoder, Prelude, Premiere Pro

Adobe has released security updates to address multiple vulnerabilities in Adobe Photoshop, Audition, Character Animator, Prelude, Premiere Pro, After Effects, and Media Encoder.

Adobe fixes vulnerabilities in multiple products Read More »

Drupal patches Critical third-party library vulnerability (CVE-2021-32610)

Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / July 23, 2021 / Archive_Tar, CVE-2021-32610, Drupal, Drupal Core, PEAR Archive_Tar, third party

Drupal has patched a Critical third-party library vulnerability that affects multiple versions of Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.

Drupal patches Critical third-party library vulnerability (CVE-2021-32610) Read More »

Apple security updates for iOS 14.7, macOS Big Sur 11.5 and other products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 22, 2021

Apple has released security updates to fix vulnerabilities in iOS 14.7, macOS Big Sur 11.5, Safari 14.1.2, tvOS 14.7, watchOS 7.6, and other products.

Apple security updates for iOS 14.7, macOS Big Sur 11.5 and other products Read More »