Juniper security updates fixes multiple vulnerabilities
Juniper has released security updates to fix 27 vulnerabilities on multiple products late last week.
Hackers exploiting Exim vulnerabilities
Hackers have been recently targeting at least two vulnerabilities on unpatched Exim email systems. Exim has already released two updates in September that fixes each of the flaws.
Apple releases security updates for macOS, iCloud and iTunes
Apple has issued security updates for macOS Catalina, iCloud and iTunes.
Microsoft October 2019 Security Updates
Microsoft issued the October 2019 Security Updates that include 59 unique vulnerability fixes, 10 of those rated critical. In addition, Adobe has not published any new patches.
Drupalgeddon2 attack campaign
Cyber attackers are exploiting an older Drupal remote code execution vulnerability CVE-2018-7600 dubbed Drupalgeddon2.
Phosphorus threat group targets email accounts
Microsoft has warned a cyber threat group dubbed Phosphorus has recently targeted email accounts belonging to Microsoft customers.
APT attackers exploit multiple VPN software vulnerabilities
Security experts are again warning that advanced persistent threat (APT) actors are exploiting vulnerabilities in multiple Virtual Private Network (VPN) applications.
Microsoft re-releases patch for Critical IE CVE-2019-1367 (exploited in wild)
Microsoft has re-released security and software updates that include the patch for Critical IE CVE-2019-1367 recently exploited in the wild. The latest update addresses a known printing issue reported by customers after the last patch was released on September 23, 2019.
Cisco fixes 18 high risk vulnerabilities in ASA, FMC and FTD software
Cisco has released ten Cisco Security Advisories that address 18 high risk vulnerabilities in Cisco ASA, FMC and FTD software.
Cisco Webex and Zoom issue password security guidance to prevent enumeration attacks
Researchers have discovered attackers can take advantage of Webex Meetings API calls to enumerate Webex meeting numbers. Attackers can also launch similar "enumeration attacks" against Zoom platform for ongoing or future meetings .