security update
October 2021 Patch Tuesday forecast: Halloween came early this year
Halloween is not until the end of the month, but there has already been a lot of scary activity leading up to this patch Tuesday. PrintNightmare and Apple zero-days are just a …
A new zero-day is being exploited to compromise Macs (CVE-2021-30869)
Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and …
A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035)
Apache OpenOffice, one of the most popular open-source office productivity software suites, sports a RCE vulnerability (CVE-2021-33035) that could be triggered via a specially …
Plug critical VMware vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005)
VMware has fixed 19 vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation, the most critical of which is CVE-2021-22005. “This vulnerability can be …
Microsoft patches actively exploited MSHTML zero-day RCE (CVE-2021-40444)
On September 2021 Patch Tuesday, Microsoft has fixed 66 CVE-numbered vulnerabilities in a wide variety of its solutions. Of these, the most crucial to address is …
Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)
Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in …
September 2021 Patch Tuesday forecast: It’s new operating system season
Summer vacations are coming to a close and, for many, the children are finally going back to school providing some quiet time. I hope everyone is well rested because the fall …
Patched: Critical bug with public PoC exploit in Cisco infrastructure virtualization software (CVE-2021-34746)
A critical vulnerability (CVE-2021-34746) that affects Cisco Enterprise NFV Infrastructure Software (NFVIS) has been patched and Cisco is urging enterprise admins to quickly …
Microsoft patches actively exploited zero-day (CVE-2021-36948), more Print Spooler flaws
Microsoft’s August 2021 Patch Tuesday is pretty lightweight, through it covers a wide variety of Microsoft solutions. 44 CVE-numbered security holes have been plugged, …
Adobe fixes security holes in Magento, most of which are critical
Adobe has released security updates to address vulnerabilities in Magento and Adobe Connect. Magento August 2021 security updates Magento is a popular open-source e-commerce …
Apple security updates: iOS 14.7 fixes WiFiDemon flaw
Apple has released security updates for macOS Big Sur (11.5), Catalina (10.15) and Mojave (10.14), as well as iOS (14.7) and iPadOS (14.7). There is no indication that Apple …
Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)
A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility