November 5, 2022
For a PDF version of this week’s report, click here.
Tag Vulnerabilities
October 29, 2022
ConnectWise patched a critical RCE vulnerability in Recover and R1Soft Server Backup Manager Google fixes seventh Chrome zero-day exploited in attacks this year Atlassian Jira Align, Version 10.107.4 Vulnerability Advisory Apple fixes new zero-day used in attacks against iPhones, iPads,…
October 15, 2022
Microsoft October 2022 Patch Tuesday fixes two zero-days, 1 used in attacks, 84 flaws, 13 of which are critical The October 2022 Exchange SUs do not contain fixes for the zero-day vulnerabilities reported on September 29, 2022 Windows 11 KB5018427…
October 8, 2022
Fortinet warns admins to patch critical auth bypass bug immediately Updated information: Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Steam Gaming Phish Showcases Browser-in-Browser Threat ‘IT security issue’ impacts multiple hospitals across several states Microsoft investigates Windows…
September 30, 2022
Two Zero-Day Microsoft Exchange vulnerabilities without a patch are being exploited – mitigation steps published Microsoft Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Critical Remote Hack Flaws Found in Dataprobe’s Power Distribution Units WhatsApp 0-Day Bug Let…
September 23, 2022
Critical Flaws in Airplanes WiFi Access Point Let Attackers Gain Root Access Windows 11 22H2 is released, here are the new features Recent Windows 11 update apparently causing various issues due to Core Isolation (VBS) Critical Vulnerability in Oracle Cloud…
September 16, 2022
Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws Windows 10 Update KB5017308 causes issues when creating/copying files via GPO Microsoft issues critical security updates as PCs attacked through zero-day flaw Microsoft issues patch for serious security…
September 9, 2022
QNAP patches zero-day used in new Deadbolt ransomware attacks Interpol and local Police dismantled an Asian Sextortion ring Zyxel has released patches for NAS products affected by a format string vulnerability HP fixes severe Privilege Escalation bug in pre-installed HP…
September 2, 2022
64% of Businesses Suspect They’ve Been Targeted or Impacted by Nation-State Attacks US House appropriators want to fund more than $15 billion for cybersecurity Microsoft adds virtual core licensing to Windows Server – major cloud hosts excluded New licensing benefits…
August 26, 2022
Microsoft shares workarounds for broken audio on Windows 10 after KB5015878 Cookie theft threat: When multi-factor authentication (MFA) is not enough CISA is warning of high-severity PAN-OS DDoS flaw used in attacks LastPass source code, blueprints stolen by intruder –…
August 19, 2022
Microsoft’s Secure Boot fix sends some PCs into BitLocker Recovery New macOS 12.5.1 and iOS 15.6.1 updates patch “actively exploited” vulnerabilities Microsoft will turn off TLS 1.0 and 1.1 in Internet Explorer and EdgeHTML on September 13 Exploit out for…
August 12, 2022
August 2022 Patch Tuesday | Microsoft Releases 121 Vulnerabilities with 17 Critical Microsoft August Patch Tuesday fixes critical Secure Boot GRUB vulnerability Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass Microsoft warns about Windows update fails, UEFI update might…