Windows

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include Trend Micro, Sophos, Dell, QNAP) 

The Cybersecurity and Infrastructure Security Agency (CISA) has added 7 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include vulnerabilities affecting Trend Micro, Sophos, Windows, QNAP, Dell, and Dasan products.

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include Trend Micro, Sophos, Dell, QNAP)  Read More »

CISA adds 66 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include WatchGuard and Mitel)

The Cybersecurity and Infrastructure Security Agency (CISA) has added 66 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include WatchGuard, Mitel, Windows and many other product vulnerabilities.

CISA adds 66 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include WatchGuard and Mitel) Read More »

CISA adds 15 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include SonicOS and Windows UPnP)

The Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include SonicWall SonicOS, Windows UPnP, and other Microsoft Windows vulnerabilities.

CISA adds 15 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include SonicOS and Windows UPnP) Read More »

CISA adds 16 new vulnerabilities to Known Exploited Vulnerabilities Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has added 16 vulnerabilities to its Known Exploited Vulnerabilities Catalog. The issues include recently patched Apple WebKit zero-day, SeriousSAM, SMBv3, and Jenkins vulnerabilities among others.

CISA adds 16 new vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Microsoft February 2022 Security Updates (fixes for 16 RCEs, 1 zero-day) 

It was a relatively light Patch Tuesday for Microsoft this month. The Microsoft February 2022 Security Updates includes patches and advisories for 50 vulnerabilities, 16 of those remote code execution flaws and one zero-day (CVE-2022-21989). None are rated Critical.

Microsoft February 2022 Security Updates (fixes for 16 RCEs, 1 zero-day)  Read More »

NotLegit: 4-year old Microsoft Azure App Service 0-day vulnerability affects source code repositories

A four-year old Microsoft Azure App Service 0-day vulnerability dubbed “NotLegit” affects hundreds of source code repositories.

NotLegit: 4-year old Microsoft Azure App Service 0-day vulnerability affects source code repositories Read More »

Microsoft December 2021 Security Updates includes fix for zero-day exploit used to spread Emotet malware

Microsoft has released the December 2021 Security Updates that includes patches for 73 vulnerabilities, 7 of those rated Critical. The updates also address one vulnerability being actively exploited in the wild and used to spread Emotet malware.

Microsoft December 2021 Security Updates includes fix for zero-day exploit used to spread Emotet malware Read More »

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation

A security researcher has discovered a zero-day vulnerability CVE-2021-24084 in Windows Mobile Device Management that could allow information disclosure and local privilege escalation (LPE).

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation Read More »