Category: alerts

Original release date: August 9, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info basic_shopping_cart_project — basic_shopping_cart A SQL Injection vulnerability in Sourcecodester Basic Shopping Cart 1.0 allows a remote attacker to Bypass Authentication and become Admin. 2021-07-30 7.5 CVE-2021-34165 MISC ectouch — ectouch SQL Injection Vulnerability in… Read more

The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. Read more

Prior to a patch, a serious bug could have allowed attackers to take over Kindles and steal personal data. Read more

Original release date: August 6, 2021 Ivanti has released Pulse Connect Secure system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review Ivanti’s Security Advisory SA44858 and apply the necessary update. This product is provided subject to this Notification and… Read more

Security researchers warned that at least 8,800 vulnerable systems are open to compromise. Read more

Original release date: August 6, 2021 Pulse Secure has released Pulse Secure Connect system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review Pulse Secure’s Security Advisory SA44858 and apply the necessary update. This product is provided subject to this… Read more

Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup. Read more

Out of eight agencies, four were given D grades in a report for the Senate, while the Feds overall got a C-.  Read more

Original release date: August 5, 2021 VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain access to confidential information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0016 and apply the necessary updates or workaround. This product is provided subject to this Notification and… Read more

Original release date: August 5, 2021 CISA has released an Industrial Control Systems (ICS) advisory detailing multiple vulnerabilities in InterNiche products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Advisory ICSA-21-217-01 HCC Embedded InterNiche TCP/IP Stack NicheLite and apply the… Read more