Author: DEFENDEDGE

  • Cisco Warns of Critical Auth-Bypass Security Flaw

    Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches. Read more

  • VMWare Patches Critical RCE Flaw in vCenter Server

    The vulnerability, one of three patched by the company this week, could allow threat actors to breach the external perimeter of a data center or leverage backdoors already installed to take over a system. Read more

  • Mozilla Releases Security Updates for Thunderbird, Firefox ESR, and Firefox

    Original release date: February 24, 2021 Mozilla has released security updates to address multiple vulnerabilities in Thunderbird 78.8, Firefox ESR 78.8, and Firefox 86. An attacker could exploit these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review the Mozilla security advisories and apply the necessary updates. This… Read more

  • VMware Releases Multiple Security Updates

    Original release date: February 24, 2021 VMware has released security updates to address multiple vulnerabilities–CVE-2021-21972, CVE-2021-21973, CVE-2021-21974—ESXi, vCenter Server, and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0002 and apply the necessary updates. This… Read more

  • Nvidia’s Anti-Cryptomining Chip May Not Discourage Attacks

    The hotly anticipated ray-tracing, advanced gaming graphics chip will throttle Ethereum mining. Read more

  • Daycare Webcam Service Exposes 12,000 User Accounts  

    NurseryCam suspends service across 40 daycare centers until a security fix is in place. Read more

  • CISA Releases Joint Cybersecurity Advisory on Exploitation of Accellion File Transfer Appliance

    Original release date: February 24, 2021 The cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States have released Joint Cybersecurity Advisory AA21-055A: Exploitation of Accellion File Transfer Appliance. Cyber actors worldwide have exploited vulnerabilities in Accellion File Transfer Appliance to attack multiple federal, and state, local, tribal, and territorial government… Read more

  • AA21-055A: Exploitation of Accellion File Transfer Appliance

    Original release date: February 24, 2021 Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance (FTA).[7] This activity has impacted organizations globally, including… Read more

  • IBM Squashes Critical Remote Code-Execution Flaw

    A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code. Read more

  • SonicWall Releases Additional Patches

    Original release date: February 23, 2021 SonicWall has released firmware patches for SMA 100 series products in an update to its previous alert from February 3, 2021. A remote attacker could exploit a vulnerability in versions of SMA 10 prior to 10.2.0.5-29sv to take control of an affected system. CISA encourages users and administrators to… Read more