Author: DEFENDEDGE
-
Reverse Shells
When discussing reverse shells, we should first cover what a shell is. A shell allows a user to interact with an operating system, the applications on the computer, and every function that is allowed for that user. A remote shell allows a user to perform actions on a device across the network. A remote shell works…
-
Researchers Flag e-Voting Security Flaws
Paper ballots and source-code transparency are recommended to improve election security.
-
‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices
Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they’re in range.
-
Joint CISA-FBI Cybersecurity Advisory on DarkSide Ransomware
Original release date: May 11, 2021. CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure (CI) company. Cybercriminal groups use DarkSide to gain access to a victim’s network to encrypt and exfiltrate data. These…
-
AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Original release date: May 11, 2021. Summary: This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are aware of a ransomware attack affecting…
-
Wormable Windows Bug Opens Door to DoS, RCE
Microsoft’s May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities.
-
Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
A patch for Adobe Acrobat, the world’s leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.
-
Lemon Duck Cryptojacking Botnet Changes Up Tactics
The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets.
-
Vulnerability Summary for the Week of May 3, 2021
Original release date: May 10, 2021. High Vulnerabilities (columns: Primary Vendor — Product; Description; Published; CVSS Score; Source & Patch Info). ambarella — oryx_rtsp_server: A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to…
-
iPhone Hack Allegedly Used to Spy on China’s Uyghurs
U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem.