The FBI, CISA, and MS-ISAC have released a joint cybersecurity advisory regarding LockBit 3.0 ransomware as identified through FBI investigations as recently as this month.
Google has released Chrome 111.0.5563.110 for Mac and Linux and Chrome 111.0.5563.110/.111 for Windows with fixes for seven High severity vulnerabilities.
The Microsoft March 2023 Security Updates includes patches and advisories for 101 vulnerabilities, including 9 Critical severity issues and two zero-days exploited in the wild.
Adobe has released eight advisories addressing multiple vulnerabilities in Adobe Commerce, Experience Manager, Illustrator, Dimension, Creative Cloud, Substance 3D Stager, Photoshop, and ColdFusion products.
CISA and FBI have published a joint cybersecurity alert on Royal ransomware used in recent cyberattacks as recently as January 2023. The ransomware uses a unique “partial encryption approach” to evade detection.
The Microsoft February 2023 Security Updates includes patches and advisories for 79 vulnerabilities, including 9 Critical severity remote code execution issues and three zero-days exploited in the wild.
Apple has released an emergency security update that fixes a zero-day exploited vulnerability (CVE-2023-23529) in iOS, Safari, and macOS, under attack in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) has added Intel, Oracle, TerraMaster, Forta, and SugarCRM vulnerabilities to its Known Exploited Vulnerabilities Catalog.
OpenSSL has released a security update with fixes for one High risk vulnerability (CVE-2023-0286) and multiple other Moderate severity vulnerabilities.
French authorities and security researchers warn attackers have been exploiting two-year old VMware ESXi remote code execution (RCE) vulnerability (CVE-2021-21974) to deliver ESXiArgs ransomware.
Vice Society ransomware gang has been targeting manufacturing firms in Brazil, Argentina, Switzerland, and Israel, with their own custom-built ransomware.
VMware has patched four vulnerabilities that affect VMware vRealize Log Insight. Two of the vulnerabilities are rated Critical, one High and one Medium severity.
The Internet Systems Consortium (ISC) has released new security updates that fix four High risk vulnerabilities in multiple versions of ISC Berkeley Internet Name Domain (BIND).