Category: alerts

What’s the low-hanging fruit for ransomware attackers? What steps could help to fend them off, and what’s stopping organizations from implementing those steps? Read more

The intro-level networking gear for SMBs could allow remote attacks designed to steal information, drop malware and disrupt operations. Read more

The incident showcases basic steps that organizations can take to protect themselves as ransomware gangs get smarter. Read more

A supply-chain component lays open camera feeds to remote attackers thanks to a critical security vulnerability. Read more

An attacker with initial physical access (say, at a gym) could gain root entry to the interactive tablet, making for a bevy of remote attack scenarios. Read more

Original release date: June 15, 2021 Apple has released security updates to address vulnerabilities in iOS 12.5.4. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This product is provided subject to this Notification and this… Read more

Apple patched two bugs impacting its Safari browser WebKit engine that it said are actively being exploited. Read more

Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, Sharepoint and loads of other services. Read more

Original release date: June 14, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info aomedia — aomedia aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. 2021-06-04 7.5 CVE-2021-30475 MISC MISC broadcom — sannav Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make… Read more

Utilities’ vulnerability to application exploits goes from bad to worse in just weeks.   Read more