Security Advisory Bundled Publication for October 2020 – Cisco announced the release of patches for 17 high-severity flaws in its security appliances. Cisco announced the release of security patches for 17 high-severity vulnerabilities in its security appliances as part of its Security Advisory Bundled Publication for October 2020. The vulnerability impacts Adaptive Security Appliance (ASA), […]
Taiwanese vendor QNAP published an advisory to warn customers that certain versions of its NAS OS (QTS) are affected by the Zerologon vulnerability. The Taiwanese vendor QNAP has published an advisory to warn customers that certain versions of the operating system for its network-attached storage (NAS) devices, also known as of QTS, are affected by […]
According to the ENISA Threat Landscape Report 2020, cyberattacks are becoming more sophisticated, targeted, and in many cases undetected. Iâm proud to present the ENISA Threat Landscape Report 2020, the annual report published by the ENISA that provides insights on the evolution of cyber threats for the period January 2019-April 2020. The 8th annual ENISA Threat Landscape […]
VMware patched several flaws in its ESXi, Workstation, Fusion and NSX-T products, including a critical code execution vulnerability. VMware has fixed several vulnerabilities in its ESXi, Workstation, Fusion and NSX-T products, including a critical flaw that allows arbitrary code execution. The critical vulnerability, tracked as CVE-2020-3992, is a use-after-free issue that affects the OpenSLP service […]
Adobe has released a second out-of-band security update to address critical vulnerabilities affecting several products. Adobe has released a second out-of-band security update to fix critical vulnerabilities that impact numerous products of the IT giant. The flaws impact Adobe Illustrator, Dreamweaver, Marketo, Animate, After Effects, Photoshop, Premiere Pro, Media Encoder, InDesign, and the Creative Cloud […]
Sweden is banning Chinese tech giant Huawei and ZTE from building new 5G wireless networks due to national security concerns. Another state, Sweden, announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure. The Swedish Post and Telecom Authority announced this week that four wireless carriers bidding for frequencies […]
Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included […]
Cisco warns of attacks attempting to exploit the CVE-2020-3118 vulnerability that affects multiple carrier-grade routers running Cisco IOS XR Software. Cisco is warning of attacks targeting the CVE-2020-3118 high severity vulnerability that affects multiple carrier-grade routers running the Cisco IOS XR Software. The flaw resides in the Cisco Discovery Protocol implementation for Cisco IOS XR […]
Microsoft brought down TrickBot infrastructure last week, but a few days later the botmasters set up a new command and control (C&C) servers. Microsoftâs Defender team, FS-ISAC, ESET, Lumenâs Black Lotus Labs, NTT, and Broadcomâs cyber-security division Symantec joined the forces and announced last week a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet. Even if […]
The US National Security Agency (NSA) has shared the list of top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The US National Security Agency (NSA) has published a report that includes details of the top 25 vulnerabilities that are currently being exploited by China-linked APT groups in attacks in the […]