Google releases Chrome OS 75 update
Google has released Chrome OS 75 stable channel update that includes a number of features, bug fixes and security updates.
Cisco patches critical bugs in Data Center Network Manager
Cisco has patched two critical vulnerabilities that affects its Data Center Network Manager (DCNM) product. Both are rated very high CVSS score of 9.8 and could be exploited without authentication.
DHS warns of Iranian cybersecurity threats, issues guidance
The Director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about recent Iranian cybersecurity threats. The statement also included suggested tips and best practices to stay safe online.
NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks
The National Institute of Standards and Technology (NIST) has released a new Interagency/Internal Report (NISTIR) 8228, that includes guidelines for organizations in managing IoT cybersecurity and privacy risks. The NISTIR…
Open ADB port attacks spread cryptocurrency-mining botnet
Attackers are targeting open Android Debug Bridge (ADB) ports running on Android devices to install cryptocurrency-mining botnet malware.
Dell patches severe SupportAssist vulnerability
Dell deployed a patch to fix a high severity DLL hijacking vulnerability in its SupportAssist software, that comes bundled with Dell business and personal PCs.
“SACK Panic” Linux vulnerabilities
The CERT Coordination Center (CERT/CC) has released a security advisory for multiple "SACK Panic" vulnerabilities that impact Linux kernels. In addition, a related flaw also impacts FreeBSD.
Apache patches Tomcat HTTP/2 DoS vulnerability
The Apache Software Foundation has released new Apache Tomcat security updates to address an HTTP/2 Denial of Service (DoS) vulnerability.
Oracle patches Critical WebLogic vulnerability exploited in the wild
Oracle has released a patch for a critical vulnerability CVE-2019-2729 in Oracle WebLogic Server, exploited in the wild. The company also warns bad actors can remotely exploit the flaw without a username and password.
Firefox security update fixes critical zero-day flaw abused in the wild
Mozilla has released a security update that fixes a critical vulnerability in Firefox 67.0.3 and Firefox ESR 60.7.1.