July 2021 - Securezoo

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / July 29, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Top 30 most commonly exploited vulnerabilities over 2020 and 2021 Read More »

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 28, 2021 / AD SC, Certificate Authority, Domain Controller, EPA, IIS, NTLM, PetitPotam, Relay Attack, SMB, Windows

Microsoft has issued guidance on mitigating PetitPotam NTLM relay attacks against Windows domain controllers or other Windows servers.

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks Read More »

Apple fixes zero-day vulnerability (CVE-2021-30807) in macOS Big Sur and iOS

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 27, 2021 / Apple, Big Sur, BigSur115, CVE-2021-30807, iOS, iOS147, macOS

Apple has fixed a zero-day vulnerability CVE-2021-30807 in macOS Big Sur and iOS versions that is under active attack.

Apple fixes zero-day vulnerability (CVE-2021-30807) in macOS Big Sur and iOS Read More »

Microsoft issues workaround for zero-day ‘SeriousSAM’ vulnerability

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 26, 2021 / ACL, CVE-2021–36934, GitHub, HiveNightmare, SAM, SeriousSAM

Microsoft has issued a workaround for a serious zero-day vulnerability CVE-2021–36934 dubbed “SeriousSAM” that could allow an attacker to read any registry hives as a non-administrator.

Microsoft issues workaround for zero-day ‘SeriousSAM’ vulnerability Read More »

Adobe fixes vulnerabilities in multiple products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 23, 2021 / Adobe, Adobe Photoshop, After Effects, Audition, Character Animator, Media Encoder, Prelude, Premiere Pro

Adobe has released security updates to address multiple vulnerabilities in Adobe Photoshop, Audition, Character Animator, Prelude, Premiere Pro, After Effects, and Media Encoder.

Adobe fixes vulnerabilities in multiple products Read More »

Drupal patches Critical third-party library vulnerability (CVE-2021-32610)

Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / July 23, 2021 / Archive_Tar, CVE-2021-32610, Drupal, Drupal Core, PEAR Archive_Tar, third party

Drupal has patched a Critical third-party library vulnerability that affects multiple versions of Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.

Drupal patches Critical third-party library vulnerability (CVE-2021-32610) Read More »

Apple security updates for iOS 14.7, macOS Big Sur 11.5 and other products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 22, 2021

Apple has released security updates to fix vulnerabilities in iOS 14.7, macOS Big Sur 11.5, Safari 14.1.2, tvOS 14.7, watchOS 7.6, and other products.

Apple security updates for iOS 14.7, macOS Big Sur 11.5 and other products Read More »

16-year-old printer driver vulnerability affects millions of printers worldwide

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 21, 2021 / CVE-2021-3438, HP, PrintNightmare, Samsung, Xerox

Researchers have discovered a 16-year-old printer driver vulnerability CVE-2021-3438 that affects millions of printers worldwide, to include HP, Samsung and Xerox printer models.

16-year-old printer driver vulnerability affects millions of printers worldwide Read More »