August 2021 - Page 2 of 3

Drupal patches 3rd-party library CKEditor vulnerabilities

Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / August 16, 2021 / CKEditor, CVE-2021-32808, CVE-2021-32809, CVE-2021-37695, Drupal, WYSIWYG

Drupal has patched Moderately Critical third-party library CKEditor vulnerabilities that affect multiple versions of Drupal Core.

Drupal patches 3rd-party library CKEditor vulnerabilities Read More »

eCh0raix ransomware variant targets QNAP and Synology NAS devices

Network Security, Security Updates & Patches, Storage Security, Vulnerabilities & Exploits / Frank Crast / August 12, 2021 / CVE-2021-28799, eCh0raix, Palo Alto Networks, Qlocker, QNAP, Synology, Unit 42

Researchers have discovered a new eCh0raix ransomware variant that targets QNAP and Synology network-attached storage (NAS) devices.

eCh0raix ransomware variant targets QNAP and Synology NAS devices Read More »

SAP August 2021 Security Patch Day addresses Critical vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 12, 2021 / Business One, CVE-2021-33690:, CVE-2021-33698:, CVE-2021-33701, SAP, SAP S/4HANA

Software giant SAP has released August 2021 Security Patch Day that includes 14 new separate security advisories and patches.

SAP August 2021 Security Patch Day addresses Critical vulnerabilities Read More »

Adobe releases security updates for Adobe Connect and Magento

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 11, 2021 / Adobe, Adobe Connect, Magento

Adobe has released security updates to address multiple vulnerabilities in Adobe Connect and Magento.

Adobe releases security updates for Adobe Connect and Magento Read More »

Microsoft August 2021 Security Updates includes fixes for 7 Critical RCEs, 3 zero-day vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / August 11, 2021 / CVE-2021-26424, CVE-2021-26432, CVE-2021-34480, CVE-2021-34530, CVE-2021-34534, CVE-2021-34535, CVE-2021-36936, CVE-2021-36942, CVE-2021-36948, Microsoft, Print Spooler, Windows, Windows 10

Microsoft has released the August 2021 Security updates that includes patches for 49 vulnerabilities, 7 of those rated Critical. The updates also include fixes for 3 zero-day bugs exploited in the wild.

Microsoft August 2021 Security Updates includes fixes for 7 Critical RCEs, 3 zero-day vulnerabilities Read More »

Mozilla releases Firefox 91 with Windows SSO feature and 5 High risk security fixes

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 10, 2021 / CVE-2021-29980, CVE-2021-29984, CVE-2021-29986, CVE-2021-29988, CVE-2021-29989, Firefox 91, Mozilla

The Mozilla Foundation has released Firefox 91 that includes a new Windows single sign-on feature and security fixes for six vulnerabilities, five rated High severity.

Mozilla releases Firefox 91 with Windows SSO feature and 5 High risk security fixes Read More »

NIST SP 800-204B: Attribute-based Access Control for Microservices-based Applications using a Service Mesh

Identity & Access Management, Standards & Guidelines / Frank Crast / August 7, 2021 / NIST

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204B Attribute-based Access Control for Microservices-based Applications using a Service Mesh.

NIST SP 800-204B: Attribute-based Access Control for Microservices-based Applications using a Service Mesh Read More »

NIST SP 1271: Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide

Cybersecurity Framework, Security Program, Standards & Guidelines / Frank Crast / August 6, 2021 / critical infrastructure, Cybersecurity Framework, NIST, SP 1271

The National Institute of Standards and Technology (NIST) has issued the NIST SP 1271 Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide.

NIST SP 1271: Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide Read More »

Pulse Secure fixes Critical and High risk vulnerabilities as part of PCS 9.1R12 update

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 6, 2021

Pulse Secure has fixed multiple Critical and High risk vulnerabilities as part of 9.1R12 update for Pulse Connect Secure (PCS) system software.

Pulse Secure fixes Critical and High risk vulnerabilities as part of PCS 9.1R12 update Read More »

VMware patches High risk vulnerability (CVE-2021-22002) in Workspace ONE Access and Identity Manager

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 6, 2021 / CVE-2021-22002, Identity Manager, VMware, Workspace ONE

VMware issued a security advisory for a High risk vulnerability CVE-2021-22002 that impacts VMware Workspace ONE Access and Identity Manager. Another vulnerability was also addressed in vRealize Automation products.

VMware patches High risk vulnerability (CVE-2021-22002) in Workspace ONE Access and Identity Manager Read More »