Vulnerabilities & Exploits

Securezoo Cybersecurity Threat Center blog posts of new vulnerabilities and exploits.

Top CVEs targeted by PRC state-sponsored cyber actors

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit common, publicly known vulnerabilities used since 2020 to “actively target U.S. and allied networks.”

Top CVEs targeted by PRC state-sponsored cyber actors Read More »

Google releases Chrome 106 security update with fixes for 2 High severity vulnerabilities

Google has released Chrome 106 (106.0.5249.91) for Windows, Mac and Linux, with fixes for three vulnerabilities (two rated High severity).

Google releases Chrome 106 security update with fixes for 2 High severity vulnerabilities Read More »

CISA adds 3 vulnerabilities to Known Exploited Vulnerabilities Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has added 3 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Microsoft Exchange and Atlassian flaws.

CISA adds 3 vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities

Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities Read More »

ISC fixes High risk BIND vulnerabilities, BIND 9 Security Vulnerability Matrix

The Internet Systems Consortium (ISC) has released new security updates that fix four High risk vulnerabilities in multiple versions of BIND, as well as BIND 9 Security Vulnerability Matrix.

ISC fixes High risk BIND vulnerabilities, BIND 9 Security Vulnerability Matrix Read More »