security update
Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)
A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been …
July 2021 Patch Tuesday: Microsoft fixes 4 actively exploited bugs
On this July 2021 Patch Tuesday: Microsoft has fixed 117 CVEs, 4 of which are actively exploited Adobe has delivered security updates for Acrobat and Reader, Bridge, …
SolarWinds patches zero-day exploited in the wild (CVE-2021-35211)
SolarWinds has released an emergency patch for CVE-2021-35211, a RCE vulnerability affecting its Serv-U Managed File Transfer and Serv-U Secure FTP that is currently being …
July 2021 Patch Tuesday forecast: Don’t wait for Patch Tuesday
There’s been lots of excitement around the recently announced print spooler vulnerability CVE-2021-34527, commonly referred to as PrintNightmare. The excitement stems from the …
Apple fixes actively exploited vulnerabilities affecting older iDevices
Apple has released a security update for older iDevices (iPhones, iPads and iPods) to fix three vulnerabilities, two of which are zero-days that are apparently actively …
June 2021 Patch Tuesday: Microsoft fixes six actively exploited zero-days
On this June 2021 Patch Tuesday: Microsoft has fixed 50 security vulnerabilities, six of which are actively exploited zero-days Adobe has delivered security updates for …
VMware fixes critical vCenter Server RCE vulnerability, urges immediate action (CVE-2021-21985)
VMware has patched two vulnerabilities (CVE-2021-21985, CVE-2021-21986) affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement …
Apple fixes macOS zero-day exploited by malware (CVE-2021-30713)
A zero-day vulnerability (CVE-2021-30713) that allowed XCSSET malware to surreptitiously take screenshots of the victim’s desktop has been fixed by Apple on macOS 11.4 …
Top security threats for power plants and how to proactively avoid them
Power plants are one of the most vitally important components of modern civilization’s infrastructure. A disruption in energy production impacts all aspects of society from …
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …
Apple fixes four zero-days under attack
A week after Apple patched a macOS zero-day exploited by Shlayer malware for months for months, the company has released new security updates for macOS, iOS, iPadOS and watch …
VMware patches critical vRealize Operations flaws that could lead to RCE
Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility