Frank Crast, Author at Securezoo

FluBot: Beware of this Android password-stealing malware

Malware, Mobile Security, Password Management / Frank Crast / April 26, 2021 / FluBot, malware, mobile, NCSC, Trojan

Security experts from UK’s National Cyber Security Centre (NCSC) warned of a new malware strain FlyBot, an Andoid password-stealing malware.

FluBot: Beware of this Android password-stealing malware Read More »

New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

Cybersecurity Attacks, Malware, Network Security, Vulnerabilities & Exploits / Frank Crast / April 26, 2021 / APT, CISA, CVE-2020-10148, malware, Orion, SolarWinds, Supernova

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long term compromise of an entity’s network and SolarWinds systems.

New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure Read More »

Drupal patches Critical XSS vulnerability in Drupal Core

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 26, 2021 / Drupal, XSS

Drupal has patched a Critical cross-site scripting (XSS) vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.

Drupal patches Critical XSS vulnerability in Drupal Core Read More »

SonicWall Email Security zero-day vulnerabilities

Messaging Security, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 25, 2021 / CVE-2021-20021, CVE-2021-20022, CVE-2021-20023, email, HES, Messaging, SonicWall

SonicWall has released urgent patches for Critical Email Security product zero-day vulnerabilities CVE-2021-20021, CVE-2021-20022 and CVE-2021-20023.

SonicWall Email Security zero-day vulnerabilities Read More »

Alert: Qlocker and eCh0raix ransomware attacks against QNAP NAS devices

Cybersecurity Attacks, Malware, Network Security, Storage Security / Frank Crast / April 24, 2021 / CVE-2020-36195, CVE-2021-28799, eCh0raix, NAS, Qlocker, QNAP, QTS

QNAP Systems, Inc. (QNAP) issued a statement strongly urging users to immediately update and run malware scans on QNAP NAS devices after recent reports of ransomware attacks involving Qlocker and eCh0raix.

Alert: Qlocker and eCh0raix ransomware attacks against QNAP NAS devices Read More »

Botnet malware targets Linux systems and cloud management tools

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / April 22, 2021 / Ansible, Chef, DevOps, malware, Salt Stack

Security researchers have spotted Tor-based botnet malware that targets Linux systems and cloud management tools to spread malware on victims’ networks.

Botnet malware targets Linux systems and cloud management tools Read More »

Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / April 21, 2021 / Chrome, CVE-2021-21224, Google, Zero-day

Google has released Chrome 90 security update 90.0.4430.85 for Windows, Mac and Linux with a fix one vulnerability CVE-2021-21224 exploited in the wild and patches for six other vulnerabilities.

Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities Read More »

Oracle Critical Patch Update for April 2021

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 21, 2021 / Database, Enterprise Manager, Fusion, Fusion Middleware, Java, MySQL, Oracle, virtualization

Oracle has released its Critical Patch Update for April 2021 to include 390 vulnerability fixes across multiple products.

Oracle Critical Patch Update for April 2021 Read More »

VMware patches NSX-T privilege escalation vulnerability (CVE-2021-21981)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 20, 2021 / CVE-2021-21981, NSX-T, virtualization, VMware

VMware issued a security advisory for a High severity privilege escalation vulnerability CVE-2021-21981 in VMware NSX-T.

VMware patches NSX-T privilege escalation vulnerability (CVE-2021-21981) Read More »

Mozilla releases Firefox 88 with new protection against privacy leaks on the web

Data Privacy, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 20, 2021 / CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-29947, Firefox, Firefox 88, Mozilla, Privacy

The Mozilla Foundation has released Firefox 88 that includes security fixes for five High risk vulnerabilities and new protection against privacy leaks on the web.

Mozilla releases Firefox 88 with new protection against privacy leaks on the web Read More »