Chain of BIOSConnect vulnerabilities impact millions of Dell devices
Security researchers have discovered a chain of Dell Client BIOS (BIOSConnect feature) vulnerabilities that impact 129 Dell models and millions of Dell devices worldwide.
VMware patches Critical Carbon Black AppC authentication bypass vulnerability (CVE-2021-21998)
VMware has patched a Critical authentication vulnerability CVE-2021-21998 in VMware Carbon Black App Control (AppC). The tech giant also issued a security advisory for a High risk vulnerability in VMware Tools, VMware Remote Console for Windows (VMRC) and VMware App Volumes products.
Google fixes Chrome zero-day (CVE-2021-30554) exploited in the wild
Google has released Chrome 91 security update 91.0.4472.114 for Windows, Mac and Linux with fixes for multiple High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30554 exploited in the wild.
SDK supply chain vulnerability exposes security cameras to hacking
A vulnerability in ThroughTek’s Kalay Platform software development hit (SDK) has exposed many security cameras used by original equipment manufacturers (OEMs) of consumer-grade security cameras and IoT devices.
Apple iOS 12.5.4 security update fixes two vulnerabilities exploited in the wild
Apple has released a security update for iOS 12.5.4 to fix two vulnerabilities (CVE-2021-30761 and CVE-2021-30762) exploited in the wild.
Thousands of unpatched VMware vCenter servers exposed on the internet
Security researchers have spotted thousands of vulnerable unpatched VMware vCenter servers exposed on the internet. Multiple proof-of-concepts (PoCs) have also been posted online for exploits against a remote code execution (RCE) vulnerability CVE-2021-21985.
7-year old polkit vulnerability could allow hackers root shell on Linux systems
A security researcher has discovered a seven-year old polkit privileged escalation vulnerability CVE-2021-3560 that could allow a remote attacker root shell access on Linux systems.
Google fixes Chrome zero-day (CVE-2021-30551) exploited in the wild
Google has released Chrome 91 security update 91.0.4472.101 for Windows, Mac and Linux with fixes for multiple Critical or High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30551 exploited in the wild.
SAP June 2021 Security Patch Day includes fix for Critical vulnerability in SAP NetWeaver AS ABAP and ABAP Platform
Software giant SAP has released June 2021 Security Patch Day that includes 20 separate security advisories and patches. One of the patches fixes a Critical vulnerability in SAP NetWeaver AS ABAP and ABAP Platform.
Microsoft June 2021 Security Updates includes fixes for 6 zero-day vulnerabilities
Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.