Author: DEFENDEDGE
-
Wormable Windows Bug Opens Door to DoS, RCE
Microsoft’s May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities. Read more
-
Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
A patch for Adobe Acrobat, the world’s leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution. Read more
-
Lemon Duck Cryptojacking Botnet Changes Up Tactics
The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets. Read more
-
Vulnerability Summary for the Week of May 3, 2021
Original release date: May 10, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info ambarella — oryx_rtsp_server A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to… Read more
-
iPhone Hack Allegedly Used to Spy on China’s Uyghurs
U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem. Read more
-
Qualcomm Chip Bug Opens Android Fans to Eavesdropping
A malicious app can exploit the issue, which could affect up to 30 percent of Android phones. Read more
-
Exim Releases Security Update
Original release date: May 7, 2021 Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Exim 4.94.2 update page and apply the necessary update.… Read more
-
Joint NCSC-CISA-FBI-NSA Cybersecurity Advisory on Russian SVR Activity
Original release date: May 7, 2021 CISA has joined with the United Kingdom’s National Cyber Security Centre (NCSC), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA), in releasing a Joint Cybersecurity Advisory on Russian Foreign Intelligence Service (SVR) tactics, techniques, and procedures. Further TTPs associated with SVR cyber actors provides additional… Read more
-
Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks
The networking giant has rolled out patches for remote code-execution and command-injection security holes that could give attackers keys to the kingdom. Read more
-
Mozilla Releases Security Updates for Firefox
Original release date: May 6, 2021 Mozilla has released security updates to address vulnerabilities in Firefox. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 88.0.1 and apply the necessary updates. This product is provided subject to this… Read more