Author: DEFENDEDGE
-
Peloton Bike+ Bug Gives Hackers Complete Control
An attacker with initial physical access (say, at a gym) could gain root entry to the interactive tablet, making for a bevy of remote attack scenarios.
-
Apple Releases Security Updates for iOS 12.5.4
Original release date: June 15, 2021. Apple has released security updates to address vulnerabilities in iOS 12.5.4. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This product is provided subject to this Notification and this…
-
Apple Hurries Patches for Safari Bugs Under Active Attack
Apple patched two bugs impacting its Safari browser WebKit engine that it said are actively being exploited.
-
Microsoft Teams: Very Bad Tabs Could Have Led to BEC
Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, SharePoint and loads of other services.
-
Vulnerability Summary for the Week of June 7, 2021
Original release date: June 14, 2021. High Vulnerabilities (columns: Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info). aomedia — aomedia | aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. | 2021-06-04 | 7.5 | CVE-2021-30475 MISC MISC. broadcom — sannav | Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make…
-
Utilities ‘Concerningly’ at Risk from Active Exploits
Utilities’ vulnerability to application exploits goes from bad to worse in just weeks.
-
Moobot Milks Tenda Router Bugs for Propagation
An analysis of the campaign revealed Cyberium, an active Mirai-variant malware hosting site.
-
CISA Releases Advisory on ZOLL Defibrillator Dashboard
Original release date: June 14, 2021. CISA has released an Industrial Control Systems (ICS) Medical Advisory on multiple vulnerabilities in the ZOLL Defibrillator Dashboard. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Medical Advisory ICSMA-21-161-01 and apply the recommended…
-
Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC
A trio of security flaws opens the door to remote-code execution and a malware tsunami.
-
Critical Chrome Browser Bug Under Active Attack
Google has patched its Chrome browser, fixing one critical cache issue and a second bug being actively exploited in the wild.