Frank Crast, Author at Securezoo

Apple releases iOS 14.4 with fixes for 3 zero-days exploited in wild (and other security updates)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / January 27, 2021 / CVE-2021-1780, CVE-2021-1781, CVE-2021-1782, iCloud, iOS, iOS 14.4, iPhone, tvOS, watchOS 7.3, Xcode 12.4

Apple has released security updates to fix vulnerabilities in iOS 14.4, watchOS 7.3, Xcode 12.4, iCloud for Windows 12.0 and tvOS 14.4. As part of the updates, the tech giant also addressed three zero-day iOS vulnerabilities exploited in the wild.

Apple releases iOS 14.4 with fixes for 3 zero-days exploited in wild (and other security updates) Read More »

North Korean hackers target security researchers in new campaign

Cybersecurity Attacks, Phishing, Vulnerabilities & Exploits / Frank Crast / January 26, 2021 / Discord, Keybase, LinkedIn, North Korea, Security researcher, TAG, Telegram, Twitter

Google’s Threat Analysis Group (TAG) has discovered a new ongoing campaign targeting security researchers working on vulnerability research.

North Korean hackers target security researchers in new campaign Read More »

SQL Server malware “MrbMiner” attacks

Cloud Security, Cybersecurity Attacks, Malware, Network Security / Frank Crast / January 25, 2021 / Cryptocurrency, Cryptomining, Database, MrbMiner, SQL Server

Security researchers have identified the source of a SQL Server malware “MrbMiner” attacks allegedly tied to an Iranian software firm.

SQL Server malware “MrbMiner” attacks Read More »

Cisco patches 8 Critical SD-WAN vulnerabilities and flaws in other network products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 23, 2021 / Cisco, CVE-2021-1260, CVE-2021-1261, CVE-2021-1262, CVE-2021-1263, CVE-2021-1298, CVE-2021-1299, SD-WAN

Cisco has patched eight Critical vulnerabilities in SD-WAN products, as well as fixes for multiple other network products.

Cisco patches 8 Critical SD-WAN vulnerabilities and flaws in other network products Read More »

Drupal patches Critical third-party library vulnerability (CVE-2020-36193)

Application Security, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / January 23, 2021 / Archive_Tar, CVE-2020-36193, Drupal, GitHub, third party

Drupal has patched a Critical third-party library vulnerability (CVE-2020-36193) that affects multiple versions of Drupal Core.

Drupal patches Critical third-party library vulnerability (CVE-2020-36193) Read More »

Oracle Critical Patch Update for January 2021

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 22, 2021 / CVE-2020-14750, Database, Enterprise Manager, Fusion, Java, MySQL, Oracle, WebLogic

Oracle has released its Critical Patch Update for January 2021 to include 329 vulnerability fixes across multiple products.

Oracle Critical Patch Update for January 2021 Read More »

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Cloud Security, Cybersecurity Attacks, Security Monitoring / Frank Crast / January 21, 2021 / Active Directory, Microsoft 365, SolarWinds, UNC2452

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers Read More »

Google releases Chrome security update (88.0.4324.96)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 21, 2021 / Chrome, Cryptohome, CVE-2021-21117

Google has released Chrome 88 security update (88.0.4324.96) for Windows, Mac and Linux with fixes for 36 vulnerabilities. The tech giant also released a Chrome browser update for Android.

Google releases Chrome security update (88.0.4324.96) Read More »

FreakOut malware exploits new Linux vulnerabilities

Malware, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 20, 2021 / Check Point, FreakOut, Linux, malware

Security researchers have discovered a new malware dubbed “FreakOut” that exploits new Linux vulnerabilities.

FreakOut malware exploits new Linux vulnerabilities Read More »

DNSpooq: Dnsmasq vulnerabilities open up network and Linux devices to attack

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 19, 2021 / CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687, DHCP, DNS, DNS cache poisoning, dnsmasq, DNSpooq, JSOF

Security researchers have discovered seven Dnsmasq vulnerabilities that open up many network and Linux devices to DNS cache poisoning attacks or remote code execution.

DNSpooq: Dnsmasq vulnerabilities open up network and Linux devices to attack Read More »