Vulnerabilities & Exploits Archives - Page 32 of 106

Apache patches Tomcat DoS vulnerability (CVE-2021-42340)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 18, 2021 / Apache, CVE-2021-42340, DOS, Tomcat

The Apache Software Foundation has patched an Apache Tomcat Denial of Service (DoS) vulnerability CVE-2021-42340 that may lead to a memory leak and over time a denial of service via an OutOfMemoryError.

Apache patches Tomcat DoS vulnerability (CVE-2021-42340) Read More »

Juniper patches multiple vulnerabilities in Junos OS and other products (October 2021)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 15, 2021 / Jun OS, Juniper, PTX, QFX, SRX

Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS, PTX Series, QFX Series, SRX Series network devices and multiple other products.

Juniper patches multiple vulnerabilities in Junos OS and other products (October 2021) Read More »

Adobe security update for Acrobat and Reader (APSB21-104) and other products (updated)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 15, 2021 / Acrobat, Adobe, CVE-2021-40728, CVE-2021-40731, Reader

Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader, Adobe Connect, Adobe Reader Mobile, Adobe Commerce, Adobe Campaign Standard, and ops-cli.

Adobe security update for Acrobat and Reader (APSB21-104) and other products (updated) Read More »

Microsoft October 2021 Security Updates includes fixes for 4 zero-days, 1 actively exploited

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 13, 2021 / CVE-2021-38672, CVE-2021-40449, CVE-2021-40461, CVE-2021-40469, CVE-2021-40486, CVE-2021-41335, CVE-2021-41338

Microsoft has released the October 2021 Security Updates that includes patches for 74 vulnerabilities, 3 of those rated Critical. The updates also address 4 zero-day bugs, 1 of those actively exploited in the wild.

Microsoft October 2021 Security Updates includes fixes for 4 zero-days, 1 actively exploited Read More »

Apple releases iOS 15.0.2 with fix for zero-day exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 12, 2021 / CVE-2021-30883, iOS, iOS15, iPadOS, Zero-day

Apple has released a security update for iOS 15.0.2 with fix for zero-day exploited in the wild.

Apple releases iOS 15.0.2 with fix for zero-day exploited in the wild Read More »

Google releases Chrome 94 security update (94.0.4606.81) with fixes for 4 High risk vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 12, 2021 / Android, Chrome, CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980

Google has released Chrome 94 security update (94.0.4606.81) for Windows, Mac and Linux with fixes for multiple vulnerabilities.

Google releases Chrome 94 security update (94.0.4606.81) with fixes for 4 High risk vulnerabilities Read More »

Trickbot tops most popular malware in September 2021

Malware, Vulnerabilities & Exploits / Frank Crast / October 11, 2021 / Agent Tesla, Floxif, Formbook, Glupteba, malware, njRAT, Ramnit, Remcos, Tofsee, Trickbot, XMRig

Check Point Research has revealed that Trickbot is once again the most popular malware, according to a Global Threat Index report for September 2021. A remote access trojan, njRAT, was also added to the top 10 report for first time ever.

Trickbot tops most popular malware in September 2021 Read More »

Mozilla patches 4 High risk vulnerabilities in Firefox 93, blocks unsafe downloads

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 7, 2021

The Mozilla Foundation has patched four High risk vulnerabilities in Firefox 93, as well as added security feature that blocks unsafe downloads.

Mozilla patches 4 High risk vulnerabilities in Firefox 93, blocks unsafe downloads Read More »

Apache HTTP Server Project patches vulnerability (CVE-2021-41773) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 6, 2021 / Apache, CVE-2021-41524, CVE-2021-41773, HTTP Server

The Apache HTTP Server Foundation has patched a path traversal and file disclosure vulnerability (CVE-2021-41773) in Apache HTTP Server 2.4.49.

Apache HTTP Server Project patches vulnerability (CVE-2021-41773) exploited in the wild Read More »

APT group ChamelGang targets Russian Energy and Aviation industries, 9 other countries

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / October 2, 2021 / APT, aviation, BeaconLoader, ChamelGang, Cobalt Strike, CVE-2017-12149, DoorMe, energy, Exchange, FRP, ProxyShell, Tiny shell

A new advanced persistent threat (APT) group dubbed ChamelGang has been targeting Russian Energy and Aviation industries, as well as entities in 9 other countries.

APT group ChamelGang targets Russian Energy and Aviation industries, 9 other countries Read More »