Securezoo Cybersecurity Threat Center blog posts of new vulnerabilities and exploits.
Microsoft issued the December 2019 Security Updates that include 36 unique vulnerability fixes, 7 of those rated critical and 29 rated important. One of the patches addresses a Win32k vulnerability under active attack in the wild.
Microsoft December 2019 Security Updates (includes fix for one active exploit) Read More »
VMware has released security updates to address a Critical OpenSLP remote code execution vulnerability (CVE-2019-5544) in ESXi and Horizon DaaS.
VMware ESXi and Horizon DaaS Critical security updates Read More »
Microsoft has issued a security advisory for vulnerability CVE-2017-15361 that impacts certain Trusted Platform Module (TPM) chipsets and used for Windows Hello for Business. The company issued steps to detect and mitigate the issue.
ROCA attack and TPM vulnerability impacts Windows Hello for Business Read More »
The Mozilla Foundation has released Firefox 71 that addresses multiple vulnerabilities. Attackers could exploit some of the vulnerabilities to take control of impacted systems.
Mozilla releases Firefox 71 Read More »
Researchers at FireEye have spotted an uptick in active exploits of CVE-2017-11774, an Outlook security feature bypass vulnerability. Attackers are also actively reversing Outlook vulnerability patch functionality. To help protect against such exploits, FireEye has provided Outlook hardening guidelines.
Attackers reverse Outlook vulnerability CVE-2017-11774 patch functionality Read More »
Security researchers have discovered a dangerous Android vulnerability dubbed “StrandHogg” under active attack by dozens of malicious apps. To add, 500 of the most popular apps may also be vulnerable to the StrandHogg vulnerability.
StrandHogg Android vulnerability under active attack by dozens of malicious apps Read More »
Security experts from Kaspersky have discovered 37 vulnerabilities in four VNC implementations, some that have gone undetected since 1999.
Kaspersky finds dozens of VNC remote access vulnerabilities Read More »
A security researcher has published proof of concept (PoC) for exploit code of an Apache Solr remote code execution vulnerability CVE-2019-12409.
Apache Solr Remote Code Execution vulnerability exploit code published Read More »
The Internet Systems Consortium (ISC) has released a security update that fixes a vulnerability in multiple versions of ISC Berkeley Internet Name Domain (BIND).
BIND security update Read More »
Google has released a new security update for Chrome browser 78.0.3904.108 for Windows, Mac and Linux, as well as a Chrome OS update.
Chrome browser and OS security updates Read More »
