Author: DEFENDEDGE
-
NVIDIA Patches High-Severity GeForce Spoof-Attack Bug
A vulnerability in NVIDIA’s GeForce Experience software opens the door to remote data access, manipulation and deletion.
-
Vulnerability Summary for the Week of June 21, 2021
Original release date: June 28, 2021. High Vulnerabilities (columns: Primary Vendor — Product, Description, Published, CVSS Score, Source & Patch Info). apache — nuttx: Apache Nuttx versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior…
-
Cisco ASA Bug Now Actively Exploited as PoC Drops
In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exploit code on Twitter.
-
My Book Live Users Wake Up to Wiped Devices, Active RCE Attacks
“I am totally screwed,” one user wailed after finding years of data nuked. Western Digital advised yanking the NAS storage devices offline ASAP: There’s an exploit.
-
Citrix Releases Security Updates for Hypervisor
Original release date: June 25, 2021. Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX316325 and apply the necessary updates.
-
Critical VMware Carbon Black Bug Allows Authentication Bypass
The 9.4-rated bug in AppC could give attackers admin rights, no authentication required, letting them attack anything from PoS to industrial control systems.
-
Atlassian Bugs Could Have Led to 1-Click Takeover
A supply-chain attack could have siphoned sensitive information out of Jira, such as security issues on Atlassian cloud, Bitbucket and on-prem products.
-
30M Dell Devices at Risk for Remote BIOS Attacks, RCE
Four separate security bugs would give attackers almost complete control and persistence over targeted devices, thanks to a faulty update mechanism.
-
Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access
Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses.
-
VMware Releases Security Updates
Original release date: June 23, 2021. VMware has released security updates to address vulnerabilities in the VMware Carbon Black App Control management server as well as VMware Tools for Windows, VMware Remote Console for Windows, and VMware App Volumes. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users…