Cybersecurity Threat Center

North Korean hackers target security researchers in new campaign

Post author:Frank Crast
Post published:January 26, 2021
Post category:Cybersecurity Attacks Phishing Vulnerabilities & Exploits

Google's Threat Analysis Group (TAG) has discovered a new ongoing campaign targeting security researchers working on vulnerability research.

SQL Server malware “MrbMiner” attacks

Post author:Frank Crast
Post published:January 25, 2021
Post category:Cloud Security Cybersecurity Attacks Malware Network Security

Security researchers have identified the source of a SQL Server malware “MrbMiner” attacks allegedly tied to an Iranian software firm.

Cisco patches 8 Critical SD-WAN vulnerabilities and flaws in other network products

Post author:Frank Crast
Post published:January 23, 2021
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

Cisco has patched eight Critical vulnerabilities in SD-WAN products, as well as fixes for multiple other network products.

Drupal patches Critical third-party library vulnerability (CVE-2020-36193)

Post author:Frank Crast
Post published:January 23, 2021
Post category:Application Security Security Updates & Patches Third-Party Security Vulnerabilities & Exploits

Drupal has patched a Critical third-party library vulnerability (CVE-2020-36193) that affects multiple versions of Drupal Core.

Oracle Critical Patch Update for January 2021

Post author:Frank Crast
Post published:January 22, 2021
Post category:Security Updates & Patches Vulnerabilities & Exploits

Oracle has released its Critical Patch Update for January 2021 to include 329 vulnerability fixes across multiple products.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Post author:Frank Crast
Post published:January 21, 2021
Post category:Cloud Security Cybersecurity Attacks Security Monitoring

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

Google releases Chrome security update (88.0.4324.96)

Post author:Frank Crast
Post published:January 21, 2021
Post category:Security Updates & Patches Vulnerabilities & Exploits

Google has released Chrome 88 security update (88.0.4324.96) for Windows, Mac and Linux with fixes for 36 vulnerabilities. The tech giant also released a Chrome browser update for Android.

FreakOut malware exploits new Linux vulnerabilities

Post author:Frank Crast
Post published:January 20, 2021
Post category:Malware Security Updates & Patches Vulnerabilities & Exploits

Security researchers have discovered a new malware dubbed "FreakOut" that exploits new Linux vulnerabilities.

DNSpooq: Dnsmasq vulnerabilities open up network and Linux devices to attack

Post author:Frank Crast
Post published:January 19, 2021
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

Security researchers have discovered seven Dnsmasq vulnerabilities that open up many network and Linux devices to DNS cache poisoning attacks or remote code execution.

NSA issues new guidance on encrypted DNS

Post author:Frank Crast
Post published:January 18, 2021
Post category:Configuration Management Cryptography Cybersecurity Articles Network Security

The National Security Agency (NSA) has issued new guidance for adopting encrypted DNS over HTTPS dubbed "DoH."