Author: DEFENDEDGE
-
SAP Releases June 2021 Security Updates
Original release date: June 8, 2021 SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for June 2021 and apply the necessary updates. This product is provided… Read more
-
Microsoft Patch Tuesday Fixes 6 In-The-Wild Exploits, 50 Flaws
Researchers discovered a highly targeted malware campaign launched in April, in which a new, unknown threat actor used two of the vulnerabilities that Microsoft said are under active attack. Read more
-
Google Patches Critical Android RCE Bug
Google’s June security bulletin addresses 90+ bugs in Android and Pixel devices. Read more
-
Microsoft Releases June 2021 Security Updates
Original release date: June 8, 2021 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s June 2021 Security Update Summary and Deployment Information and apply the necessary updates. This product is… Read more
-
Windows Container Malware Targets Kubernetes Clusters
“Siloscape”, the first malware to target Windows containers, breaks out of Kubernetes clusters to plant backdoors and raid nodes for credentials. Read more
-
Vulnerability Summary for the Week of May 31, 2021
Original release date: June 7, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info gnome — gdk-pixbuf A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker… Read more
-
Unpatched VMware vCenter Software
Original release date: June 4, 2021 CISA is aware of the likelihood that cyber threat actors are attempting to exploit CVE-2021-21985, a remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation. Although patches were made available on May 25, 2021, unpatched systems remain an attractive target and attackers can exploit this vulnerability to… Read more
-
‘Battle for the Galaxy’ Mobile Game Leaks 6M Gamer Profiles
Unprotected server exposes AMT Games user data containing user emails and purchase information. Read more
-
Then and Now: Securing Privileged Access Within Healthcare Orgs
Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, discusses best practices for securing healthcare data against the modern threat landscape. Read more
-
Exchange Servers Targeted by ‘Epsilon Red’ Malware
REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. Read more