Author: DEFENDEDGE

Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks. Read more

An CRSF-to-stored-XSS security bug plagues 50,000 ‘Contact Form 7’ Style users. Read more

Google warns of a zero-day vulnerability in the V8 open-source engine that’s being actively exploited by attackers. Read more

Original release date: February 4, 2021 Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates. For updates addressing lower severity vulnerabilities, see… Read more

The vulnerabilities exist in Cisco’s RV160, RV160W, RV260, RV260P, and RV260W VPN routers for small businesses. Read more

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. Read more

Researchers warn that the Hildegard malware is part of ‘one of the most complicated attacks targeting Kubernetes.’ Read more

The by-now infamous company has issued patches for three security vulnerabilities in total. Read more

The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters. Read more

Original release date: February 2, 2021 Apple has released security updates to address vulnerabilities in macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the… Read more