November 5, 2022
For a PDF version of this week’s report, click here.
October 29, 2022
ConnectWise patched a critical RCE vulnerability in Recover and R1Soft Server Backup Manager Google fixes seventh Chrome zero-day exploited in attacks this year Atlassian Jira Align, Version 10.107.4 Vulnerability Advisory Apple fixes new zero-day used in attacks against iPhones, iPads, and iPods – check here for your particular version Stranger Strings:…
October 22, 2022
Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text (Text4Shell) Our new scanner for Text4Shell – Silent Signal Techblog – Scanner on Github Vulnerabilities in Cisco Identity Services Engine require your attention Heat left by users’ fingertips could help hackers crack passwords Microsoft’s out-of-date driver list left…
October 15, 2022
Microsoft October 2022 Patch Tuesday fixes two zero-days, 1 used in attacks, 84 flaws, 13 of which are critical The October 2022 Exchange SUs do not contain fixes for the zero-day vulnerabilities reported on September 29, 2022 Windows 11 KB5018427 update released with 30 bug fixes, improvements Aruba fixes critical RCE…
October 8, 2022
Fortinet warns admins to patch critical auth bypass bug immediately Updated information: Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Steam Gaming Phish Showcases Browser-in-Browser Threat ‘IT security issue’ impacts multiple hospitals across several states Microsoft investigates Windows 11 22H2 Remote Desktop issues Lloyd’s of London investigates and responds…
September 30, 2022
Two Zero-Day Microsoft Exchange vulnerabilities without a patch are being exploited – mitigation steps published Microsoft Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Critical Remote Hack Flaws Found in Dataprobe’s Power Distribution Units WhatsApp 0-Day Bug Let Hackers Execute a Code & Take Full App Control Remotely Don’t…
September 23, 2022
Critical Flaws in Airplanes WiFi Access Point Let Attackers Gain Root Access Windows 11 22H2 is released, here are the new features Recent Windows 11 update apparently causing various issues due to Core Isolation (VBS) Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access LockBit ransomware builder leaked online by “angry…
September 16, 2022
Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws Windows 10 Update KB5017308 causes issues when creating/copying files via GPO Microsoft issues critical security updates as PCs attacked through zero-day flaw Microsoft issues patch for serious security vulnerability affecting everything from Windows 7 to Windows 11 Cisco released…
September 9, 2022
QNAP patches zero-day used in new Deadbolt ransomware attacks Interpol and local Police dismantled an Asian Sextortion ring Zyxel has released patches for NAS products affected by a format string vulnerability HP fixes severe Privilege Escalation bug in pre-installed HP Support Assistant tool Cisco RV110W, RV130, RV130W, and RV215W Routers IPSec…
September 2, 2022
64% of Businesses Suspect They’ve Been Targeted or Impacted by Nation-State Attacks US House appropriators want to fund more than $15 billion for cybersecurity Microsoft adds virtual core licensing to Windows Server – major cloud hosts excluded New licensing benefits make bringing workloads and licenses to partners’ clouds easier VMware Introducing…