Frank Crast, Author at Securezoo

Bizarro banking trojan targets European and South American banking customers

Cybersecurity Attacks, Malware, Phishing / Frank Crast / May 18, 2021 / banking, Bizarro, Brazil, Europe, malware, South America, Trojan

A banking trojan dubbed “Bizarro” that originated from Brazil has now targeted customers of 70 banks in Europe and South America.

Bizarro banking trojan targets European and South American banking customers Read More »

Juniper Networks releases out-of-cycle emergency patch for FragAttack WiFi vulnerability

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 17, 2021 / Access Point, CVE-2020-24588, FragAttack, ICASI, Juniper, Juniper Networks, Networking, WiFi

Juniper Networks has released an out-of-cycle emergency patch that fixes a “FragAttack” WiFi vulnerability in Juniper Networks Mist Access Points (APs).

Juniper Networks releases out-of-cycle emergency patch for FragAttack WiFi vulnerability Read More »

Pipeline ransomware attack shuts down 45% of East Coast’s fuel (US passes emergency waiver, systems restarted) – updated

Cybersecurity Attacks, Malware / Frank Crast / May 14, 2021 / Colonial, energy, FMCSA, pipeline, Ransomware, USDOT

A ransomware attack has crippled the largest U.S. pipeline operator, Colonial Pipeline, shutting down 45% of the East Coast’s supply of fuel. As a result, USDOT issued an emergency waiver to allow easier transports of fuel by truck in those states affected. Colonial also issued a new statement confirming pipeline systems have been restarted.

Pipeline ransomware attack shuts down 45% of East Coast’s fuel (US passes emergency waiver, systems restarted) – updated Read More »

WordPress security update (5.7.2) fixes 2 PHPMailer vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 14, 2021 / CVE-2018-19296, CVE-2020-36326, NIST, PHPMailer, WordPress

WordPress has released WordPress 5.7.2 security and maintenance update that includes fixes for two PHPMailer security vulnerabilities. All WordPress versions between 3.7 and 5.7 are affected.

WordPress security update (5.7.2) fixes 2 PHPMailer vulnerabilities Read More »

Adobe fixes Adobe Reader vulnerability exploited in the wild (as well as Critical bugs in 11 other products)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 13, 2021 / Adobe, After Effects, Animate, Creative Cloud, CVE-2021-28550, Illustrator, InCopy, Magento, Media Encoder, Medium, Reader

Adobe has patched a Critical Adobe Reader vulnerability exploited in the wild, in addition to Critical vulnerabilities in multiple other Adobe products.

Adobe fixes Adobe Reader vulnerability exploited in the wild (as well as Critical bugs in 11 other products) Read More »

Microsoft May 2021 Security Updates include fixes for 4 Critical and 3 zero-day vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / May 12, 2021 / .NET, CVE-2021-26419, CVE-2021-28476, CVE-2021-31166, CVE-2021-31194, HTTP Protocol Stack, Hyper-V, Microsoft, OLE Automation, Scripting Engine

Microsoft has released the May 2021 Security updates that includes patches for 55 vulnerabilities, 4 of those rated Critical. The updates also include fixes for 3 zero-day flaws.

Microsoft May 2021 Security Updates include fixes for 4 Critical and 3 zero-day vulnerabilities Read More »

Google releases Chrome security update (90.0.4430.212)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 11, 2021 / Chrome, CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509, CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513, CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517, CVE-2021-30518, Google

Google has released Chrome 90 security update (90.0.4430.212) for Windows, Mac and Linux with fixes for 19 vulnerabilities.

Google releases Chrome security update (90.0.4430.212) Read More »

BIOS driver Privilege escalation flaw exposes hundreds of millions of Dell computers

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 10, 2021 / CVE-2021-21551, Dell, Sentinel

Security researchers have discovered a BIOS driver privilege escalation flaw that has exposed hundreds of millions of Dell computers.

BIOS driver Privilege escalation flaw exposes hundreds of millions of Dell computers Read More »

Cisco patches vulnerabilities in HyperFlex HX, SD-WAN and other products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 7, 2021 / CVE-2021-1497, CVE-2021-1498, HyperFlex

Cisco has patched multiple vulnerabilities in HyperFlex HX, Cisco SD-WAN, Small Business routers and other network products. Two of the advisories are rated Critical.

Cisco patches vulnerabilities in HyperFlex HX, SD-WAN and other products Read More »

Threat actors use FiveHands Ransomware and SombRAT in new cyberattack

Cybersecurity Attacks, Malware / Frank Crast / May 6, 2021 / FiveHands, malware, Ransomware, SombRAT

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new report on FiveHands ransomware, SombRAT and a publicly available network scanner used in a cyberattack against an organization.

Threat actors use FiveHands Ransomware and SombRAT in new cyberattack Read More »