Google has released Chrome 90 security update 90.0.4430.85 for Windows, Mac and Linux with a fix one vulnerability CVE-2021-21224 exploited in the wild and patches for six other vulnerabilities.
Google has released Chrome 89 security update 89.0.4389.128) for Windows, Mac and Linux with fixes for 2 vulnerabilities exploited in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.
Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.
Energy giant Shell was the latest victim in a series of cyberattacks on customers of Accellion's legacy File Transfer Appliance (FTA) product used to transfer large files.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent joint cybersecurity advisory on the Microsoft Exchange vulnerability exploits.
Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019. The tech giant also published interim mitigations if organizations can not patch immediately, as well as an IOC detection tool.
Google has released a new Chrome 89 security update (89.0.4389.72) for Windows, Mac and Linux with fixes for multiple vulnerabilities, to include one zero-day vulnerability CVE-2021-21166 exploited in the wild.
Cyber attackers have been exploiting Accellion File Transfer (FTA) appliance 0-day vulnerabilities to steal data and threaten their victims with extortion attempts.
Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader, as well as Magento, Photoshop, Animate, Illustrator and Dreamweaver. Moreover, the software giant addressed one Critical vulnerability CVE-2021-21017 exploited in the wild.