Google releases Chrome 102 (102.0.5005.115) security updates with fixes for 4 High severity vulnerabilities
eleased Chrome version 102.0.5005.115 for Windows, Mac and Linux, with fixes for seven vulnerabilities (four rated High severity).
Year: 2022
PRC state-sponsored cyber actors routinely exploit these 16 network device vulnerabilities
The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities to gain access to a broad network of compromised infrastructure.
Microsoft exposes and disables Polonium activity targeting Israeli organizations
Microsoft has exposed and disabled a Lebanon-based Polonium cyber activity targeting Israeli organizations.
CISA issues advisory on vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory on vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X.
Atlassian fixes Critical Confluence RCE vulnerability (CVE-2022-26134) exploited in the wild
Atlassian has fixed a Critical severity unauthenticated zero-day RCE vulnerability (CVE-2022-26134) in Confluence Server and Data Center.
Mozilla releases Firefox 101 with fixes for 8 High severity vulnerabilities
The Mozilla Foundation has patched eight High risk vulnerabilities in Firefox 101, as well as a number of other bug fixes.
Microsoft issues workaround for Windows Support Diagnostic Tool “Follina” Vulnerability
Microsoft has issued a workaround for a vulnerability in its Microsoft Support Diagnostic Tool (MSDT) “Follina” vulnerability CVE-2022-30190 in Windows.
CISA adds 75 vulnerabilities to Known Exploited Vulnerabilities Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added more than 75 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Cisco, Microsoft, Adobe, Oracle, Linux vulnerabilities and more.
Drupal patches High risk Guzzle third-party library vulnerability (CVE-2022-29248)
Drupal has patched a High risk Guzzle third-party library vulnerability (CVE-2022-29248) that affects multiple versions of Drupal Core.
Zoom patches XMPP vulnerability chain that could allow an attacker to compromise user over Zoom chat
Zoom recommends users upgrade their Zoom client to version 5.10.0 to fix an XMPP vulnerability chain that could enable an attacker to execute remote code and compromise another user over Zoom chat.