Frank Crast, Author at Securezoo

DHS warns businesses of risks using Chinese tech and data services

Cybersecurity Articles, Data Breach, Data Privacy, Insider Threats, Regulations & Laws, Security Monitoring, Third-Party Security / Frank Crast / December 24, 2020 / Data Security, DHS, DOJ, EO 13913, EO 13942, EO 13943, Executive Order, Harvard, Huawei, NIST, PLA, PRC, USTR, WTO, ZTE

The United States Department of Homeland Security (DHS) has published a new advisory warning businesses of the risks using tech and data services linked to the People’s Republic of China (PRC).

DHS warns businesses of risks using Chinese tech and data services Read More »

Cybersecurity experts reveal growing list of SolarWinds 2nd stage attack victims

Cybersecurity Attacks, Malware, Third-Party Security / Frank Crast / December 22, 2020 / Cisco, Deloitte, DNS, malware, Solarigate, SolarWinds, Sunburst, Truesec

Cybersecurity experts have revealed a growing list of SolarWinds 2nd stage attack victims based on malware analysis.

Cybersecurity experts reveal growing list of SolarWinds 2nd stage attack victims Read More »

Solorigate malware behind the SolarWinds attack

Cybersecurity Attacks, Malware, Third-Party Security / Frank Crast / December 22, 2020 / DLL, Solarigate, SolarWinds, Supply Chain

Microsoft shared new insights into the Solarigate malware, the compromised DLL file behind the SolarWinds software supply chain attacks.

Solorigate malware behind the SolarWinds attack Read More »

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

Cloud Security, Configuration Management, Cybersecurity Attacks, Data Breach, Malware, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / December 19, 2020 / APT, CISA, Cisco, Emergency Directive, Equifax, FireEye, Microsoft, NNSA, NSA, Nuclear, SolarWinds, Sunburst, Supply Chain, Symantec, Teardrop, UNC2452

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a ‘grave risk’ to critical infrastructure, government and private sector organizations.

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated) Read More »

Mozilla releases Firefox 84, fixes for 1 Critical and 6 High risk vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 16, 2020 / BigInt, browser, CVE-2020-16042, CVE-2020-26971, CVE-2020-26972, CVE-2020-26973, CVE-2020-26974, CVE-2020-35113, CVE-2020-35114, Firefox, Firefox 84, Mozilla

Mozilla releases Firefox 84, fixes for 1 Critical and 6 High risk vulnerabilities

Mozilla releases Firefox 84, fixes for 1 Critical and 6 High risk vulnerabilities Read More »

Apple December security updates for iOS 14.3, macOS Big Sur 11.1 and other products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 16, 2020 / Apple, Big Sur, CVE-2020-27943, CVE-2020-27944, CVE-2020-27951, iOS 14.3, macOS, Safari, tvOS, watchOS

Apple has released security updates to fix vulnerabilities in iOS 14.3, macOS Big Sur 11.1 and other products.

Apple December security updates for iOS 14.3, macOS Big Sur 11.1 and other products Read More »

Global active exploits against SolarWinds via Sunburst backdoor

Cybersecurity Attacks, Data Breach, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / December 14, 2020 / backdoor, malware, Orion, SolarWinds, Sunburst, UNC2452

Cybersecurity experts are warning of major global active exploits against SolarWinds Orion Platform software versions via a Sunburst backdoor and supply chain attack.

Global active exploits against SolarWinds via Sunburst backdoor Read More »

Microsoft: Widespread Adrozek malware campaign hijacks browsers on thousands of systems

Cybersecurity Attacks, Malware / Frank Crast / December 12, 2020 / Adrozek, browser, Chrome, Edge, Firefox, malware, polymorphic, Radioplayer, Windows, Yandex

Microsoft has sounded the alarm on a widespread Adrozek malware campaign that targeted thousands of systems to hijack browsers, inject ads on search results and even steal passwords.

Microsoft: Widespread Adrozek malware campaign hijacks browsers on thousands of systems Read More »

Adobe releases security update for Adobe Acrobat and Reader (APSB20-75)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 11, 2020 / Acrobat, Acrobat and Reader, Adobe, CVE-2020-29075, macOS, Windows

Adobe has released a security update to address a vulnerability in Adobe Acrobat and Reader (APSB20-75).

Adobe releases security update for Adobe Acrobat and Reader (APSB20-75) Read More »

Cisco updates multiple Jabber Desktop and Mobile Client vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 11, 2020 / Cisco, CVE-2020-26085, CVE-2020-27127, CVE-2020-27132, CVE-2020-27133, CVE-2020-27134, Jabber

Cisco has patched multiple Critical Jabber Desktop and Mobile Client vulnerabilities. An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.

Cisco updates multiple Jabber Desktop and Mobile Client vulnerabilities Read More »