Security Updates & Patches Archives - Page 37 of 89

F5 Big-IP KDC spoofing vulnerability (CVE-2021-23008)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 1, 2021

Security researchers have discovered a KDC Spoofing Vulnerability in F5 Big-IP CVE-2021-23008. As a result, an attacker could could exploit the vulnerability to bypass authentication and take control of impacted systems.

F5 Big-IP KDC spoofing vulnerability (CVE-2021-23008) Read More »

Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated)

Cybersecurity Attacks, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 1, 2021 / CISA, CVE-2019-11510, CVE-2020-8243, CVE-2020-8260, CVE-2021-22893, Networking, PSIRT, Pulse Connect, Pulse Secure

CISA warned attackers continue to exploit Pulse Connect Secure vulnerabilities. The alert was issued after CISA confirmed malicious activity on public and private entity networks. Additional detection methods were also added on April 30.

Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated) Read More »

“BadAlloc” vulnerabilities impact broad range of IoT and OT devices

Cybersecurity Attacks, Internet of Things (IoT), Network Security, Security Updates & Patches, System Hardening, Vulnerabilities & Exploits / Frank Crast / April 30, 2021 / Azure, BadAlloc, Industrial control, IOT, Microsoft, OT, Section 52

Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed “BadAlloc” that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.

“BadAlloc” vulnerabilities impact broad range of IoT and OT devices Read More »

Samba fixes vulnerability (CVE-2021-20254) that could allow an attacker unauthorized access to files

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 30, 2021 / CIFS, CVE-2021-20254, Samba, SMB

Samba has released a software update to fix a vulnerability (CVE-2021-20254) that could allow an attacker unauthorized access to files. A remote attacker could take advantage of this bug and exploit unpatched systems.

Samba fixes vulnerability (CVE-2021-20254) that could allow an attacker unauthorized access to files Read More »

Apple security updates for iOS 14.5, macOS Big Sur 11.3 and other products (updated)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 28, 2021 / Apple, Big Sur, BigSur113, CVE-2021-30657, iCloud, iOS, iOS145, macOS, Safari, Shlayer, tvOS, watchOS

Apple has released security updates to fix vulnerabilities in iOS 14.5, macOS Big Sur 11.3, Safari 14.1, tvOS 14.5, watchOS 7.4, Xcode 12.5 and other products.

Apple security updates for iOS 14.5, macOS Big Sur 11.3 and other products (updated) Read More »

Google releases Chrome security update (90.0.4430.93)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 28, 2021 / ANGLE, Chrome, Chrome 90, CVE-2021-21227, CVE-2021-21232, CVE-2021-21233, Dev Tools, V8

Google has released Chrome 90 security update (90.0.4430.93) for Windows, Mac and Linux with fixes for 9 vulnerabilities.

Google releases Chrome security update (90.0.4430.93) Read More »

Drupal patches Critical XSS vulnerability in Drupal Core

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 26, 2021 / Drupal, XSS

Drupal has patched a Critical cross-site scripting (XSS) vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.

Drupal patches Critical XSS vulnerability in Drupal Core Read More »

SonicWall Email Security zero-day vulnerabilities

Messaging Security, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 25, 2021 / CVE-2021-20021, CVE-2021-20022, CVE-2021-20023, email, HES, Messaging, SonicWall

SonicWall has released urgent patches for Critical Email Security product zero-day vulnerabilities CVE-2021-20021, CVE-2021-20022 and CVE-2021-20023.

SonicWall Email Security zero-day vulnerabilities Read More »

Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / April 21, 2021 / Chrome, CVE-2021-21224, Google, Zero-day

Google has released Chrome 90 security update 90.0.4430.85 for Windows, Mac and Linux with a fix one vulnerability CVE-2021-21224 exploited in the wild and patches for six other vulnerabilities.

Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities Read More »

Oracle Critical Patch Update for April 2021

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 21, 2021 / Database, Enterprise Manager, Fusion, Fusion Middleware, Java, MySQL, Oracle, virtualization

Oracle has released its Critical Patch Update for April 2021 to include 390 vulnerability fixes across multiple products.

Oracle Critical Patch Update for April 2021 Read More »