Vulnerabilities & Exploits Archives - Page 11 of 106

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / August 19, 2022 / Active Directory, Apple, CISA, CVE-2017-15944, CVE-2022-21971, CVE-2022-22536, CVE-2022-26923, CVE-2022-2856, CVE-2022-32893, CVE-2022-32894, iOS, Known Exploited Vulnerabilities Catalog, macOS, Microsoft, Windows

The Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Apple (2), Microsoft (2), SAP, Google Chrome, and Palo Alto Networks.

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Google releases Chrome 104 security update with fixes for 11 vulnerabilities (1 zero-day CVE-2022-2856)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / August 19, 2022 / Chrome, CVE-2022-2856, Vulnerabilities, Zero-day

Google has released Chrome 104.0.5112.101 (Mac/Linux) and 104.0.5112.102/101 (Windows), with fixes for 11 vulnerabilities (one rated Critical and seven rated High severity). Additionally, one of the patches fixed a zero-day flaw CVE-2022-2856.

Google releases Chrome 104 security update with fixes for 11 vulnerabilities (1 zero-day CVE-2022-2856) Read More »

Attackers exploit open redirect vulnerability on Amex and Snapchat sites

Cybersecurity Attacks, Phishing, Vulnerabilities & Exploits / Frank Crast / August 16, 2022 / Amex, Cybersecurity Threat Center, Docusign, FedEx, Google Workspace, INKY, Microsoft, Microsoft 365, phishing, redirect, Snapchat

Attackers have been exploiting a well-known open redirect vulnerability on American Express and Snapchat sites to phish for victim’s personal data.

Attackers exploit open redirect vulnerability on Amex and Snapchat sites Read More »

Adobe security updates for Acrobat and Reader, Illustrator and other products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 11, 2022 / Acrobat, Adobe, Commerce, Framemaker, Illustrator, PremiereElements, Vulnerabilities

Adobe has released security updates for Acrobat and Reader, Illustrator, FrameMaker, Premiere Elements, and Adobe Commerce.

Adobe security updates for Acrobat and Reader, Illustrator and other products Read More »

Microsoft August 2022 Security Updates addresses 121 vulnerabilities (17 Critical and 1 zero-day)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / August 10, 2022 / CVE-2022-21980, CVE-2022-24477, CVE-2022-24516, CVE-2022-30133, CVE-2022-33646, CVE-2022-34691, CVE-2022-34696, CVE-2022-34702, CVE-2022-34713, CVE-2022-34714, CVE-2022-35744, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794, CVE-2022-35804, Cybersecurity Threat Center, DogWalk, MSDT

The Microsoft August 2022 Security Updates includes patches and advisories for 121 vulnerabilities, 17 of those rated Critical severity and one zero-day CVE-2022-34713 exploited in the wild.

Microsoft August 2022 Security Updates addresses 121 vulnerabilities (17 Critical and 1 zero-day) Read More »

CISA adds Zimbra vulnerability (CVE-2022-27924) to Known Exploited Vulnerabilities Catalog

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 7, 2022 / CVE-2022-27924, Zimbra

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Zimbra vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence that cyber criminals are actively exploiting the vulnerabilities.

CISA adds Zimbra vulnerability (CVE-2022-27924) to Known Exploited Vulnerabilities Catalog Read More »

Cisco releases Critical advisory for Small Business RV routers

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 7, 2022 / CVE-2022-20827, CVE-2022-20841, CVE-2022-20842, Router, Small Business, SMB, VPN, WAN

Cisco has released a Critical security update for three vulnerabilities in Small Business RV Routers. An unauthenticated, remote attacker could execute arbitrary code or cause a denial of service (DoS) condition on an unpatched device.

Cisco releases Critical advisory for Small Business RV routers Read More »

F5 fixes 12 High severity vulnerabilities in BIG-IP and BIG-IQ products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 7, 2022 / BIG-IP, BIG-IQ, CVE-2022-35243, CVE-2022-35728, F5, Networking

F5 has released fixes for 12 High severity vulnerabilities that affect BIG-IP and BIG-IQ products.

F5 fixes 12 High severity vulnerabilities in BIG-IP and BIG-IQ products Read More »

Google releases Chrome 104 security update with fixes for 27 vulnerabilities (7 High severity)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 3, 2022 / Chrome, Chrome 104, CVE-2022-2603, CVE-2022-2604, CVE-2022-2605, CVE-2022-2606, CVE-2022-2607, CVE-2022-2608, CVE-2022-2609

Google has released Chrome 104.0.5112.79 (Mac/Linux) and 104.0.5112.79/80/81 (Windows), with fixes for 27 vulnerabilities (7 rated High severity). Additionally, Google also published new Chrome security updates for iOS and Android.

Google releases Chrome 104 security update with fixes for 27 vulnerabilities (7 High severity) Read More »

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 30, 2022 / 0-day, Adobe, CVE-2021-28550, CVE-2021-31199, CVE-2021-31201, CVE-2021-36948, CVE-2022-22047, DSIRF, Knotweed, Microsoft, MSTIC, Subzero

Knotweed threat actors have exploited Microsoft and Adobe 0-day vulnerabilities in targeted attacks against European and Central American customers. The actors also developed Subzero malware used in these attacks.

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware Read More »