Frank Crast

Authorities take down ‘world’s largest’ darknet marketplace

A German-led police operation in coordination with authorities in other countries have taken down the ‘world’s largest’ darknet marketplace. The underground marketplace was used to facilitate the sale of drugs, stolen credit card data and malware.

Authorities take down ‘world’s largest’ darknet marketplace Read More »

Cisco patches High risk vulnerabilities in Small Business routers and other products

Cisco has patched multiple vulnerabilities in Small Business routers, Cisco Connected Mobile Experiences (CMX) and AnyConnect products.

Cisco patches High risk vulnerabilities in Small Business routers and other products Read More »

Microsoft January 2021 Security Updates (to include zero-day RCE patch)

Microsoft has released the January 2021 Security updates that includes patches for 83 vulnerabilities, 10 of those rated Critical and 1 zero-day RCE vulnerability CVE-2021-1647 in Microsoft Defender.

Microsoft January 2021 Security Updates (to include zero-day RCE patch) Read More »

High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild

Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.

High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild Read More »

NSA: New guidance to eliminate obsolete TLS protocols

The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).

NSA: New guidance to eliminate obsolete TLS protocols Read More »

Mozilla releases Firefox 84.0.2, fix for critical vulnerability (CVE-2020-16044)

The Mozilla Foundation has released Firefox 84.0.2 that includes a security fix for a Critical vulnerability CVE-2020-16044. An attacker could exploit the vulnerability to take control of impacted systems. As part of Mozilla Foundation Security Advisory 2021-01, Firefox 84.0.2 patched a Critical ‘Use-after-free write’ vulnerability CVE-2020-16044. According to Mozilla, “a malicious peer could have modified a COOKIE-ECHO chunk

Mozilla releases Firefox 84.0.2, fix for critical vulnerability (CVE-2020-16044) Read More »