November 2021 - Securezoo

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 30, 2021 / 0-day, CVE-2021-24084, HiveNightmare, mobile, SeriousSAM, Windows

A security researcher has discovered a zero-day vulnerability CVE-2021-24084 in Windows Mobile Device Management that could allow information disclosure and local privilege escalation (LPE).

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation Read More »

NIST SP 800-213: IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements

Internet of Things (IoT), Standards & Guidelines / Frank Crast / November 29, 2021 / IOT, NIST, SP 800-213

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213 IoT Device: “Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements.”

NIST SP 800-213: IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements Read More »

NIST SP 800-213A: IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog

Internet of Things (IoT), Standards & Guidelines / Frank Crast / November 29, 2021 / NIST

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213A: IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog.

NIST SP 800-213A: IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog Read More »

VMware patches 2 vSphere Web Client vulnerabilities (CVE-2021-21980, CVE-2021-22049)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 27, 2021 / CVE-2021-22049, vcenter, VMware, vSphere

VMware has patched arbitrary file read and SSRF vCenter Server vulnerabilities (CVE-2021-21980, CVE-2021-22049) that affect VMware vSphere Web Client.

VMware patches 2 vSphere Web Client vulnerabilities (CVE-2021-21980, CVE-2021-22049) Read More »

Attackers exploit Windows Installer zero-day vulnerability (CVE-2021-41379)

Malware, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 24, 2021 / CVE-2021-41379, Group Policy, Installer, Windows

Bad actors have been exploiting a previously patched Windows Installer zero-day privileged escalation vulnerability CVE-2021-41379.

Attackers exploit Windows Installer zero-day vulnerability (CVE-2021-41379) Read More »

FBI alert: APT actors exploit 0-Day FatPipe VPN vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 21, 2021 / 0-day, FatPipe, FBI, MPVPN, VPN

The Federal Bureau of Investigation (FBI) has issued a report of advanced persistent threat (APT) actors exploiting 0-day FatPipe MPVPN networking devices since at least May of 2021.

FBI alert: APT actors exploit 0-Day FatPipe VPN vulnerabilities Read More »

GitHub fixes 2 npm registry vulnerabilities

Application Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 20, 2021 / 2FA, GitHub, JavaScript, NPM, registry

GitHub has fixed two node package manager (npm) registry vulnerabilities, one of those could allow an attacker to publish new versions of an npm package without proper authorization.

GitHub fixes 2 npm registry vulnerabilities Read More »

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 18, 2021 / APT, ChamelGang, CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, CVE-2021-34473, Exchange, Fortigate, Fortinet, ProxyShell, VPN

Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities Read More »

Google releases Chrome 96 security update (96.0.4664.45) with fixes for 25 vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 17, 2021 / Chrome, Chrome 96, CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008, CVE-2021-38009, CVE-2021-38010, CVE-2021-38011

Google has released Chrome 96 security update (96.0.4664.45) for Windows, Mac and Linux with fixes for multiple High risk vulnerabilities.

Google releases Chrome 96 security update (96.0.4664.45) with fixes for 25 vulnerabilities Read More »

Squirrelwaffle uses Office docs to infect victim systems with CobaltStrike

Malware / Frank Crast / November 13, 2021 / CobaltStrike, malware, Squirrelwaffle

Researchers have discovered a new malware threat dubbed “Squirrelwaffle” that uses Microsoft Office documents to infect victim systems with CobaltStrike.

Squirrelwaffle uses Office docs to infect victim systems with CobaltStrike Read More »