Google releases Chrome 102 security updates with fixes for 32 vulnerabilities (1 Critical) May 25, 2022
Google has released Chrome for Windows (102.0.5005.61/62/63) and Chrome 102.0.5005.61 for Mac and Linux, with fixes for 32 vulnerabilities.
Mozilla fixes 2 Critical vulnerabilities in Firefox 100.0.2 May 25, 2022
The Mozilla Foundation has patched two Critical risk vulnerabilities in Firefox 100.0.2. An attacker could exploit these vulnerabilities to take control of impacted systems.
XorDdos: DDoS malware targets Linux systems May 21, 2022
Over the past six months, Microsoft has observed a spike in cyberactivity of 254% from XorDdos, a trojan targeting Linux-based cloud systems and Internet of Things (IoT) devices.
Apache patches High risk Tomcat vulnerability (CVE-2022-25762) May 20, 2022
The Apache Software Foundation has patched a High risk Apache Tomcat ‘Request Mix-up’ vulnerability CVE-2022-25762.
ISC fixes High risk BIND vulnerability (CVE-2022-1183) May 20, 2022
The Internet Systems Consortium (ISC) has released a security update that fixes a High risk vulnerability CVE-2022-1183 in multiple versions of ISC Berkeley Internet Name Domain (BIND).
Apple patches vulnerabilities in multiple products (CVE-2022-22675 exploited in the wild) May 20, 2022
Apple has released security updates for Apple iOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, and other products. Apple is aware of known exploits in the wild for a zero-day vulnerability CVE-2022-22675 that affects macOS Big Sur, watchOS, and tvOS.
Adobe has released security updates for multiple Adobe products May 15, 2022
Adobe has released security updates for Adobe Character Animator, ColdFusion, InDesign, Framemaker, and InCopy.
Attackers could exploit Critical F5 BIG-IP vulnerability to execute arbitrary commands May 15, 2022
Unauthenticated attackers could exploit a Critical BIG-IP iControl REST vulnerability CVE-2022-1388 to execute arbitrary system commands, create or delete files, or disable services on BIG-IP systems.
Google releases Chrome 101 (101.0.4951.64) security update with fixes for 13 vulnerabilities May 11, 2022
Google has released Chrome 101.0.4951.64 for Windows, Mac and Linux with fixes for 13 vulnerabilities, to include 8 rated High severity.
Microsoft May 2022 Security Updates addresses 73 vulnerabilities (7 rated Critical, 1 zero-day) May 11, 2022
The Microsoft May 2022 Security Updates includes patches and advisories for 73 vulnerabilities, seven of those rated Critical severity and one zero-day flaw CVE-2022-26925.
CISA adds 5 vulnerabilities to Known Exploited Vulnerabilities Catalog May 10, 2022
The Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, two Microsoft and one OpenSSL vulnerability.
Google releases security updates for ChromeOS and Chrome for Android May 10, 2022
Google has released security updates for ChromeOS 101.0.4951.59 and Chrome 101 (101.0.4951.61) for Android with fixes for multiple High risk vulnerabilities.
Homemade DCRat can open “backdoors on a budget” May 10, 2022
Researchers from Blackberry have discovered a redesigned remote access trojan DCRat that a lone cyber criminal is now offering as a homemade tool for opening “backdoors on a budget.”
Mozilla releases Firefox 100 with fixes for 6 High severity vulnerabilities May 9, 2022
The Mozilla Foundation has patched six High risk vulnerabilities in Firefox 100, as well as a number of other bug fixes.
Emotet botnet reemerges with new threat behaviors May 4, 2022
Researchers from Proofpoint have observed the reemergence of Emotet botnet that has exhibited new behaviors in using new attack techniques.
The Top 15 mostly commonly exploited vulnerabilities in 2021 May 2, 2022
The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.
Cisco issues security updates for Spring Framework, Firepower and IOS XR software April 29, 2022
Cisco has released a security updates for Spring Framework (“Spring4Shell”), Firepower Management Center (FMC) and IOS XR software that address Critical and High severity vulnerabilities.
Millions of Java apps still vulnerable to Log4Shell April 29, 2022
Researchers have found millions of Java applications still vulnerable in the wild to the infamous Log4Shell vulnerability CVE-2021-44228, more than four months after the severe flaw was discovered.
Microsoft discovers Nimbuspwn Linux vulnerabilities April 26, 2022
Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.
Google releases Chrome 101 security update with fixes for 30 vulnerabilities April 26, 2022
Google has released Chrome 101.0.4951.41 for Windows, Mac and Linux with fixes for 30 vulnerabilities, to include seven rated High severity.