Google fixes Chrome zero-day (CVE-2021-30551) exploited in the wild

Google has released Chrome 91 security update 91.0.4472.101 for Windows, Mac and Linux with fixes for multiple Critical or High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30551 exploited in the wild.

Continue Reading Google fixes Chrome zero-day (CVE-2021-30551) exploited in the wild

Microsoft June 2021 Security Updates includes fixes for 6 zero-day vulnerabilities

Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.

Continue Reading Microsoft June 2021 Security Updates includes fixes for 6 zero-day vulnerabilities

Microsoft May 2021 Security Updates include fixes for 4 Critical and 3 zero-day vulnerabilities

Microsoft has released the May 2021 Security updates that includes patches for 55 vulnerabilities, 4 of those rated Critical. The updates also include fixes for 3 zero-day flaws.

Continue Reading Microsoft May 2021 Security Updates include fixes for 4 Critical and 3 zero-day vulnerabilities

Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities

Google has released Chrome 90 security update 90.0.4430.85 for Windows, Mac and Linux with a fix one vulnerability CVE-2021-21224 exploited in the wild and patches for six other vulnerabilities.

Continue Reading Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities

CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.

Continue Reading CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

Legacy QNAP NAS devices vulnerable to zero-day cyberattacks

Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.

Continue Reading Legacy QNAP NAS devices vulnerable to zero-day cyberattacks