Vulnerabilities & Exploits Archives - Page 39 of 106

SAP July 2021 Security Patch Day addresses Critical vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 15, 2021 / CVE-2021-27610, CVE-2021-33670, CVE-2021-33671, NetWeaver, Onapsis, SAP

Software giant SAP has released July 2021 Security Patch Day that includes 15 separate security advisories and patches.

SAP July 2021 Security Patch Day addresses Critical vulnerabilities Read More »

Microsoft July 2021 Security Updates includes fixes for 13 Critical RCEs, 3 zero-day vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 14, 2021 / CVE-2021-33740, CVE-2021-34439, CVE-2021-34448, CVE-2021-34450, CVE-2021-34458, CVE-2021-34464, CVE-2021-34473, CVE-2021-34474, CVE-2021-34494, CVE-2021-34497, CVE-2021-34503, CVE-2021-34522, CVE-2021-34527, Dynamics, Exchange, Malware Protection Engine, Windows, Windows 10, Windows Server

Microsoft has released the July 2021 Security updates that includes patches for 117 vulnerabilities, 13 of those rated Critical. The updates also include fixes for 3 zero-day bugs exploited in the wild.

Microsoft July 2021 Security Updates includes fixes for 13 Critical RCEs, 3 zero-day vulnerabilities Read More »

Adobe releases security updates for Adobe Acrobat and Reader (APSB21-51), other products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 13, 2021 / Acrobat, Acrobat and Reader, Adobe, Bridge, CVE-2021-28634, CVE-2021-28635, CVE-2021-28636, CVE-2021-28637, CVE-2021-28638, CVE-2021-28639, CVE-2021-28640, CVE-2021-28641, CVE-2021-28642, CVE-2021-28643, CVE-2021-28644, CVE-2021-35980, CVE-2021-35981, CVE-2021-35983, Dimension, Illustrator, Reader

Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader, Adobe Dimension, Illustrator, Framemaker and Bridge products.

Adobe releases security updates for Adobe Acrobat and Reader (APSB21-51), other products Read More »

Mozilla releases Firefox 90 with new version of SmartBlock and 9 security fixes

Data Privacy, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 13, 2021 / browser, CVE-2021-29970, CVE-2021-29971, CVE-2021-29976, CVE-2021-29977, Firefox, Firefox 90, Privacy, SmartBlock

The Mozilla Foundation has released Firefox 90 that includes a new version of SmartBlock and security fixes for nine vulnerabilities, five rated High severity.

Mozilla releases Firefox 90 with new version of SmartBlock and 9 security fixes Read More »

Kaseya VSA falls victim to massive sophisticated ransomware attack (update)

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / July 13, 2021 / CISA, FBI, JBS, Kaseya, Ransomware, REvil, Travelex, VSA

Kaseya VSA has fallen victim to a sophisticated and massive ransomware attack, that some experts say has affected thousands of customers. The company also provided a patch update for on-premise customers.

Kaseya VSA falls victim to massive sophisticated ransomware attack (update) Read More »

Critical ForgeRock Access Management vulnerability (CVE-2021-35464) exploited

Identity & Access Management, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 12, 2021 / Access Management, ACSC, CVE-2021-35464, ForgeRock, Identity

A Critical ForgeRock Access Management (AM) vulnerability (CVE-2021-35464) has been exploited in the wild. The issue affects ForgeRock’s OpenAM, open-source AM solution.

Critical ForgeRock Access Management vulnerability (CVE-2021-35464) exploited Read More »

Morgan Stanley confirms breach of customer SSNs via an exploit of vendor’s Accellion FTA vulnerability

Cybersecurity Attacks, Data Breach, Vulnerabilities & Exploits / Frank Crast / July 10, 2021 / Accellion, FTA, Morgan Stanley

Morgan Stanley has confirmed a data breach of some customer SSNs and other personal data via one if its vendor’s vulnerable Accellion FTA systems.

Morgan Stanley confirms breach of customer SSNs via an exploit of vendor’s Accellion FTA vulnerability Read More »

Microsoft patches PrintNightmare vulnerability

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 7, 2021

Microsoft has patched PrintNightmare, a severe remote code execution (RCE) vulnerability that affects the Windows Print Spooler service under active attacks in the wild.

Microsoft patches PrintNightmare vulnerability Read More »

PrintNightmare: Windows Print Spooler service RCE vulnerability exploit code

Vulnerabilities & Exploits, Zero-days / Frank Crast / July 1, 2021 / CVE-2021-1675, PrintNightmare, RpcAddPrinterDriverEx

Researchers have posted Proof of Concept (PoC) code dubbed PrintNightmare used to exploit a Windows Print Spooler service remote code execution (RCE) vulnerability CVE-2021-1675.

PrintNightmare: Windows Print Spooler service RCE vulnerability exploit code Read More »

Cisco warns of active exploits against Cisco ASA XSS vulnerability (CVE-2020-3580)

Cybersecurity Attacks, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 29, 2021 / Adaptive, ASA, Cisco, CVE-2020-3580, Exploit, Firepower, FTD, POC

Cisco issued an updated advisory warning of active exploits in the wild against a Cisco security appliance XSS vulnerability CVE-2020-3580. Proof of concept (PoC) exploit code has also been released to the public.

Cisco warns of active exploits against Cisco ASA XSS vulnerability (CVE-2020-3580) Read More »