Frank Crast

Microsoft June 2020 Security Updates (and a Critical Adobe Flash patch)

Microsoft released the June 2020 Security Updates that includes 128 unique vulnerability fixes, 11 of those rated critical. In addition, Adobe patched a Critical vulnerability in Adobe Flash.

Microsoft June 2020 Security Updates (and a Critical Adobe Flash patch) Read More »

CallStranger UPnP vulnerability affects multiple internet-facing products

The CERT Coordination Center issued a new advisory for a UPnP configuration vulnerability CVE-2020-12695 that could allow an attacker to abuse devices and send traffic to arbitrary destinations. As a result, devices connected to the internet with UPnP enabled could expose additional vulnerabilities that could lead to amplified DDoS attacks and data loss.

CallStranger UPnP vulnerability affects multiple internet-facing products Read More »

Mozilla releases Firefox 77 with new DevTool improvements, security updates

The Mozilla Foundation has released Firefox 77 with new DevTool improvements and web platform updates. The update also includes fixes for multiple vulnerabilities.

Mozilla releases Firefox 77 with new DevTool improvements, security updates Read More »

Apple releases patch for “unc0ver” jailbreak zero-day vulnerability

Apple has released a patch for a previously disclosed “Unc0ver” jailbreak 0-day vulnerability. The security updates and patch address iOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, watchOS 6.2.6, tvOS 13.4.6 and other products.

Apple releases patch for “unc0ver” jailbreak zero-day vulnerability Read More »

TrickBot trojan updates propagation module with nworm to evade detection

TrickBot recently replaced one of its propagation modules “mworm” with new module named “nworm.” The updated module can exploit vulnerable domain controllers (DCs) and evade detection by running in memory.

TrickBot trojan updates propagation module with nworm to evade detection Read More »

VMware patches multiple vulnerabilities in ESXi, Workstation, Fusion, VMRC and Horizon Client

VMware issued a security advisory for multiple vulnerabilities that impact VMware ESXi, Workstation, Fusion, VMRC and Horizon Client products. An attacker could exploit one of these vulnerabilities and take control of an unpatched system.

VMware patches multiple vulnerabilities in ESXi, Workstation, Fusion, VMRC and Horizon Client Read More »