Author: DEFENDEDGE
-
New SideWalk Backdoor Targets U.S.-based Computer Retail Business
A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk. SideWalk is a modular backdoor that can dynamically load additional modules sent from its command-and-control server. It then makes use of Google Docs as a dead drop resolver and Cloudflare Workers as a command-and-control server. This malware…
-
‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast
Splunk’s Ryan Kovar discusses the rise in supply-chain attacks a la Kaseya & how to get ahead of encryption leaving your business a pile of broken shells.
-
F5 Bug Could Lead to Complete System Takeover
The worst of 13 bugs fixed by the August updates could lead to complete system compromise for users in sensitive sectors running products in Appliance mode.
-
Cisco Issues Critical Fixes for High-End Nexus Gear
Networking giant issues two critical patches and six high-severity patches.
-
Microsoft Breaks Silence on Barrage of ProxyShell Attacks
Versions of the software are affected by a spate of bugs under active exploitation.
-
Win10 Admin Rights Tossed Off by Yet Another Plug-In
Then again, you don’t even need the actual device – in this case, a SteelSeries peripheral – since emulation works just fine to launch with full SYSTEM rights.
-
F5 Releases August 2021 Security Advisory
Original release date: August 25, 2021. F5 has released a security advisory on vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ for August 2021. CISA encourages users and administrators to review the F5 security advisory and install updated software or apply the necessary mitigations as soon as possible. This product is provided subject to this…
-
Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day
Cybersecurity watchdog Citizen Lab saw the new zero-day FORCEDENTRY exploit successfully deployed against iOS versions 14.4 & 14.6, blowing past Apple’s new BlastDoor sandboxing feature to install spyware on the iPhones of Bahraini activists – even one living in London at the time.
-
CISA Releases Five Pulse Secure-Related MARs
Original release date: August 24, 2021. As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed five malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following five malware analysis reports (MARs) for threat actor tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs),…
-
ProxyShell Attacks Pummel Unpatched Exchange Servers
CISA is warning about a surge of ProxyShell attacks, as Huntress discovered 140 webshells launched against 1,900 unpatched Microsoft Exchange servers.