Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated)

Post published:March 8, 2021
Post category:Cybersecurity Attacks Messaging Security Security Updates & Patches Vulnerabilities & Exploits Zero-days

Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019. The tech giant also published interim mitigations if organizations can not patch immediately, as well as an IOC detection tool.

Qualys impacted by Accellion FTA zero-day vulnerability

Post published:March 4, 2021
Post category:Security Updates & Patches Vulnerabilities & Exploits

Cybersecurity firm Qualys announced a "limited" number of their customers had been impacted by a data breach caused by an exploited Accellion FTA zero-day vulnerability on Qualys customer support systems.

Cisco patches Critical vulnerabilities on NX-OS and ASE products

Post published:March 1, 2021
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

Cisco has patched multiple Critical vulnerabilities in NX-OS and Application Services Engine products. An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.

QNAP fixes Command Injection vulnerability in QTS and QuTS hero

Post published:December 31, 2020
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

QNAP has fixed a High severity Command Injection vulnerability CVE-2020-25847 in QTS and QuTS hero.

Cisco patches 3 High risk IOS, IOS XE and IOS XR software vulnerabilities

Post published:November 14, 2020
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

Cisco has patched three new High risk IOS, IOS XE and IOS XR software vulnerabilities in multiple network products.

Adobe patches Magento vulnerabilities

Post published:February 1, 2020
Post category:Security Updates & Patches Vulnerabilities & Exploits

Adobe has released security updates that fix multiple vulnerabilities in Magento Commerce and Open Source editions.

Zoom patches vulnerability that could allow eavesdropping

Post published:January 28, 2020
Post category:Cloud Security Messaging Security Password Management Security Updates & Patches Uncategorized Vulnerabilities & Exploits

Remote conferencing service company, Zoom, has patched a vulnerability that could allow a bad actor to eavesdrop on your company's online meetings.

Citrix patches Critical vulnerability exploited in the wild (updated)

Post published:January 25, 2020
Post category:Security Updates & Patches Vulnerabilities & Exploits

Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.

Cisco patches high risk Webex vulnerability (CVE-2020-3142)

Post published:January 25, 2020
Post category:Uncategorized

Cisco has patched a high risk vulnerability CVE-2020-3142 in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites. An unauthenticated actor could join a password-protected meeting without inputting the meeting password.

Cisco patches critical Firepower vulnerability (CVE-2019-16028)

Post published:January 24, 2020
Post category:Uncategorized

Cisco has patched a critical vulnerability CVE-2019-16028 in the web-based management interface of Cisco Firepower Management Center (FMC). An unauthenticated, remote attacker could bypass authentication and execute arbitrary code on impacted FMC devices.