NSA issues new guidance on encrypted DNS
The National Security Agency (NSA) has issued new guidance for adopting encrypted DNS over HTTPS dubbed “DoH.”
NSA issues new guidance on encrypted DNS Read More »
Authorities take down ‘world’s largest’ darknet marketplace
A German-led police operation in coordination with authorities in other countries have taken down the ‘world’s largest’ darknet marketplace. The underground marketplace was used to facilitate the sale of drugs, stolen credit card data and malware.
Authorities take down ‘world’s largest’ darknet marketplace Read More »
FBI: Cyber criminals target employee credentials via voice phishing attacks
The FBI issued a private industry notification of cyber criminals targeting employee credentials via voice phishing or “vishing” attacks.
FBI: Cyber criminals target employee credentials via voice phishing attacks Read More »
Apache patches Tomcat vulnerability (CVE-2021-24122)
The Apache Software Foundation has patched a Tomcat vulnerability CVE-2021-24122 that may lead to information disclosure.
Apache patches Tomcat vulnerability (CVE-2021-24122) Read More »
Cisco patches High risk vulnerabilities in Small Business routers and other products
Cisco has patched multiple vulnerabilities in Small Business routers, Cisco Connected Mobile Experiences (CMX) and AnyConnect products.
Cisco patches High risk vulnerabilities in Small Business routers and other products Read More »
Adobe releases security updates for Photoshop, Illustrator and other products
Adobe has released security updates to address vulnerabilities in Adobe Photoshop, Illustrator, Bridge and multiple other products.
Adobe releases security updates for Photoshop, Illustrator and other products Read More »
Microsoft January 2021 Security Updates (to include zero-day RCE patch)
Microsoft has released the January 2021 Security updates that includes patches for 83 vulnerabilities, 10 of those rated Critical and 1 zero-day RCE vulnerability CVE-2021-1647 in Microsoft Defender.
Microsoft January 2021 Security Updates (to include zero-day RCE patch) Read More »
High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild
Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.
High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild Read More »
NSA: New guidance to eliminate obsolete TLS protocols
The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).
NSA: New guidance to eliminate obsolete TLS protocols Read More »
Mozilla releases Firefox 84.0.2, fix for critical vulnerability (CVE-2020-16044)
The Mozilla Foundation has released Firefox 84.0.2 that includes a security fix for a Critical vulnerability CVE-2020-16044. An attacker could exploit the vulnerability to take control of impacted systems. As part of Mozilla Foundation Security Advisory 2021-01, Firefox 84.0.2 patched a Critical ‘Use-after-free write’ vulnerability CVE-2020-16044. According to Mozilla, “a malicious peer could have modified a COOKIE-ECHO chunk
Mozilla releases Firefox 84.0.2, fix for critical vulnerability (CVE-2020-16044) Read More »