Researchers at FireEye have disclosed attacks against defense, government, and financial organizations leveraging vulnerabilities in the Pulse Secure VPN software. Pulse Secure’s virtual private network and Secure Connect solutions are used by organizations worldwide to ensure secure access to business systems. FireEye reportedly discovered four new malware families designed specifically

Vendors impacted in the FragAttacks, a series of recently disclosed Wi-Fi vulnerabilities, have released security advisories in response. A dozen CVE identifiers have been assigned to the set of vulnerabilities after they were discovered last year by security researcher Mathy Vanhoef. The vulnerabilities consist of three design flaws and nine

Cisco has rolled out patches addressing severe vulnerabilities that could be exploited to perform remote code execution and privilege escalation. The flaws lie in the SD-WAN vManage Software. The bugs could allow an unauthenticated attacker to steal information from vulnerable networks. Cisco also disclosed a denial-of-service issue in the same

Apple has released security updates for vulnerabilities under active attack and affecting multiple products, including iOS, WatchOS, and iPadOS. The patches fix WebKit flaws that can be exploited by threat actors by utilizing maliciously crafted web content that ultimately leads to arbitrary code execution, according to Apple. The statement released

On Tuesday, SentinelLabs reported that a researcher on their team had discovered 5 serious vulnerabilities in Dell’s DBUtil BIOS driver. This technology is used in Dell’s desktop and laptop PCs, notebooks, and tablet products, therefore affecting a wide range of Dell’s offerings. The team reported that the flaws have existed

Security researchers at Microsoft have warned of 25 undocumented critical memory-allocation vulnerabilities that lie across a number of vendors’ IoT and industrial devices. The flaws could be used to execute malicious code throughout a network or cause an entire system to crash. The bugs were uncovered by Microsoft’s Azure Defender

A set of nine vulnerabilities are currently exposing roughly 100 million devices worldwide, according to researchers. The vulnerabilities lie in the basic code that dictates how devices communicate with the internet. What cybersecurity researchers are questioning is how to implement changes and effective defenses that will actively combat these types

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint advisory warning administrators that APT groups are currently exploiting three different vulnerabilities that existing the Fortinet FortiOS. News of the active exploits was allegedly broken to the public just a few days ago

F5 Networks has warned users to patch four critical remote command execution (RCE) flaws. The company released an advisory detailing seven vulnerabilities, four of which are critical, two that represent a high risk, and one rated medium risk. The four critical flaws lie in F5’s BIG-IP and BIG-IQ enterprise networking

Attackers are taking advantage of newly reported Microsoft Exchange Server vulnerabilities, preying on victims who have not yet installed the appropriate patches released on March 2 by the tech giant. According to Mandiant, attackers utilized four critical zero-day exploits last week to target a range of organizations across retail, government,