Frank Crast

Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277)

Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.

Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277) Read More »

OpenSSL patches two High risk vulnerabilities (CVE-2021-3449 and CVE-2021-3450)

OpenSSL has patched two High severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.

OpenSSL patches two High risk vulnerabilities (CVE-2021-3449 and CVE-2021-3450) Read More »

Energy giant Shell latest victim in Accellion FTA cyberattacks

Energy giant Shell was the latest victim in a series of cyberattacks on customers of Accellion’s legacy File Transfer Appliance (FTA) product used to transfer large files.

Energy giant Shell latest victim in Accellion FTA cyberattacks Read More »

Critical F5 BIG-IP vulnerability (CVE-2021-22986) under active attack

Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.

Critical F5 BIG-IP vulnerability (CVE-2021-22986) under active attack Read More »

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks Read More »