Zero-days

Energy giant Shell latest victim in Accellion FTA cyberattacks

Energy giant Shell was the latest victim in a series of cyberattacks on customers of Accellion’s legacy File Transfer Appliance (FTA) product used to transfer large files.

Energy giant Shell latest victim in Accellion FTA cyberattacks Read More »

FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent joint cybersecurity advisory on the Microsoft Exchange vulnerability exploits, collectively known as “ProxyLogon.”

FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks Read More »

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated)

Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019, collectively known as “ProxyLogon.” The tech giant also published interim mitigations if organizations can not patch immediately, as well as an IOC detection tool.

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated) Read More »

Google patches Chrome zero-day (CVE-2021-21166) exploited in the wild

Google has released a new Chrome 89 security update (89.0.4389.72) for Windows, Mac and Linux with fixes for multiple vulnerabilities, to include one zero-day vulnerability CVE-2021-21166 exploited in the wild.

Google patches Chrome zero-day (CVE-2021-21166) exploited in the wild Read More »

Cyber attackers exploit Accellion FTA 0-day vulnerabilities to steal data

Cyber attackers have been exploiting Accellion File Transfer (FTA) appliance 0-day vulnerabilities to steal data and threaten their victims with extortion attempts.

Cyber attackers exploit Accellion FTA 0-day vulnerabilities to steal data Read More »

Adobe releases security updates for Adobe Acrobat and Reader, other products (CVE-2021-21017 exploited in wild)

Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader, as well as Magento, Photoshop, Animate, Illustrator and Dreamweaver. Moreover, the software giant addressed one Critical vulnerability CVE-2021-21017 exploited in the wild.

Adobe releases security updates for Adobe Acrobat and Reader, other products (CVE-2021-21017 exploited in wild) Read More »

Apple releases iOS 14.4 with fixes for 3 zero-days exploited in wild (and other security updates)

Apple has released security updates to fix vulnerabilities in iOS 14.4, watchOS 7.3, Xcode 12.4, iCloud for Windows 12.0 and tvOS 14.4. As part of the updates, the tech giant also addressed three zero-day iOS vulnerabilities exploited in the wild.

Apple releases iOS 14.4 with fixes for 3 zero-days exploited in wild (and other security updates) Read More »