09 Jun 2021

Microsoft Patch Tuesday Fixes 6 In-The-Wild Exploits, 50 Flaws

In this month’s Patch Tuesday update, Microsoft issued fixes for 5 critical exploits and 45 vulnerabilities rated important in severity in Microsoft Windows, .NET Core, and Visual Studio, Microsoft Office, Microsoft Edge, SharePoint Server, Hyper-V, Visual Studio Code, and more. Microsoft researchers discovered a highly targeted malware campaign that has

Read More
12 May 2021

Adobe Issues Patch for Acrobat Zero-Day

Adobe released several patches, including one for Acrobat. The vulnerability with Acrobat is being exploited in limited attacks on Adobe Readers users with Windows. The CVE-2021-28550 zero-day vulnerability affects Windows and macOS systems. The exploitation of the flaw could allow arbitrary code execution.  43 patches for 12 of its products were

Read More
14 Apr 2021

Google Patches More Under-Attack Chrome Zero-days

Google has moved to patch more Chrome zero-days that are actively under attack as it seems as though Google’s problems with in-the-wild Chrome zero-days are multiplying rapidly. The vulnerabilities patched affect Windows, macOS, and Linux users, pertaining to CVE-2021-21206 and CVE-2021-21220. Google did not provide any other details on the

Read More
12 Apr 2021

If you haven’t patched this old VPN vulnerability, assume your network is compromised

The National Cyber Security Center (NCSC) has released a critical security alert detailing how cybercriminals are actively exploiting a Fortinet VPN vulnerability to distribute ransomware. Kaspersky reported on the flaw earlier this month, stating that criminals are seeking out unpatched systems and are able to exploit the flaw to remotely

Read More
11 Mar 2021

F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs

F5 Networks has warned users to patch four critical remote command execution (RCE) flaws. The company released an advisory detailing seven vulnerabilities, four of which are critical, two that represent a high risk, and one rated medium risk. The four critical flaws lie in F5’s BIG-IP and BIG-IQ enterprise networking

Read More
04 Mar 2021

CISA tells Federal Agencies to Immediately Patch or ‘Disconnect’ Microsoft Exchange Servers

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has posted a new emergency directive calling on federal agencies to immediately patch or disconnect Microsoft Exchange servers. The alert follows a recent warning from Microsoft about major zero-day attacks on email servers, according to a recent posting by

Read More
03 Mar 2021

Linux Mint may start pushing high-priority patches to users

Linux may be implementing a new program designed to push high-priority patches to users after a legacy of relaxed update practices. Linux Mint distribution has historically allowed customers to delay installing new patches, however, this can create a plethora of security risks for the user. The new program would “insist”

Read More
27 Jan 2021

Apple Ships Emergency Fixes for Under-Attack iOS Zero-Day

On Tuesday, Apple released two emergency patches for iOS and iPad OS platforms due to indications that the three security vulnerabilities were under attack by threat actors. The patches are currently being implemented through automatic updating mechanisms as it is critical that Apple users install the fixes. Apple did not

Read More
06 Jan 2021

Google Warns of Critical Android Remote Code Execution Bug

Google’s latest Andriod security update fixed 43 bugs affecting Android handsets and Samsung phones. Two of the bigs affecting Google’s Andriod handsets were flagged as critical, while the most serious flaw lies in the Andriod System component and allows remote attackers to compromise a device through executing arbitrary code. Two

Read More
16 Nov 2020

Apple Issues Security Updates

Apple has recently released three critical security updates affecting macOS Big Sur 11.0, macOS High Sierra 10.13.6, and macOS Mojave 10.14.6. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced the patches in a notice released earlier this week urging consumers to update their devices as soon

Read More