05 May 2021

Apple Issues Patches for Webkit Security Flaws

Apple has released security updates for vulnerabilities under active attack and affecting multiple products, including iOS, WatchOS, and iPadOS. The patches fix WebKit flaws that can be exploited by threat actors by utilizing maliciously crafted web content that ultimately leads to arbitrary code execution, according to Apple. The statement released

Read More
04 May 2021

Patch issued to tackle critical security issues present in Dell driver software since 2009

On Tuesday, SentinelLabs reported that a researcher on their team had discovered 5 serious vulnerabilities in Dell’s DBUtil BIOS driver. This technology is used in Dell’s desktop and laptop PCs, notebooks, and tablet products, therefore affecting a wide range of Dell’s offerings. The team reported that the flaws have existed

Read More
03 May 2021

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Security researchers at Microsoft have warned of 25 undocumented critical memory-allocation vulnerabilities that lie across a number of vendors’ IoT and industrial devices. The flaws could be used to execute malicious code throughout a network or cause an entire system to crash. The bugs were uncovered by Microsoft’s Azure Defender

Read More
14 Apr 2021

100 Million More IoT Devices Are Exposed—and They Won’t Be the Last

A set of nine vulnerabilities are currently exposing roughly 100 million devices worldwide, according to researchers. The vulnerabilities lie in the basic code that dictates how devices communicate with the internet. What cybersecurity researchers are questioning is how to implement changes and effective defenses that will actively combat these types

Read More
05 Apr 2021

FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint advisory warning administrators that APT groups are currently exploiting three different vulnerabilities that existing the Fortinet FortiOS. News of the active exploits was allegedly broken to the public just a few days ago

Read More
11 Mar 2021

F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs

F5 Networks has warned users to patch four critical remote command execution (RCE) flaws. The company released an advisory detailing seven vulnerabilities, four of which are critical, two that represent a high risk, and one rated medium risk. The four critical flaws lie in F5’s BIG-IP and BIG-IQ enterprise networking

Read More
08 Mar 2021

Microsoft Exchange Server Exploits Hit Retail, Government, Education

Attackers are taking advantage of newly reported Microsoft Exchange Server vulnerabilities, preying on victims who have not yet installed the appropriate patches released on March 2 by the tech giant. According to Mandiant, attackers utilized four critical zero-day exploits last week to target a range of organizations across retail, government,

Read More
04 Mar 2021

CISA tells Federal Agencies to Immediately Patch or ‘Disconnect’ Microsoft Exchange Servers

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has posted a new emergency directive calling on federal agencies to immediately patch or disconnect Microsoft Exchange servers. The alert follows a recent warning from Microsoft about major zero-day attacks on email servers, according to a recent posting by

Read More
17 Feb 2021

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches

Microsoft is releasing a new servicing stack update after last week’s Patch Tuesday created a slew of problems for Windows users. Microsoft has removed the latest set of updates and released a new Patch Tuesday install that fixes the initial issue and installs Windows updates. The defective update released last

Read More
17 Feb 2021

Unpatched Android App with 1 Billion Downloads Threatens Spying, Malware

According to new research, the SHAREit application opens up Android users to malware and spyware. The app allows for remote attackers to execute malicious code through three vulnerabilities that remain unpatched. The app’s developers were allegedly informed of the flaws three months ago, and the lack of a fix represents

Read More