Our news
-
D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws
Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware.
-
OpenSSL Releases Security Update
Original release date: December 8, 2020 OpenSSL has released a security update to address a vulnerability affecting all versions of 1.0.2 and 1.1.1 released before version 1.1.1i. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the OpenSSL Security Advisory…
-
Google Patches Critical Wi-Fi and Audio Bugs in Android Handsets
Google updates its mobile OS, fixing ten critical bugs, including one remote code execution flaw.
-
Theft of FireEye Red Team Tools
Original release date: December 8, 2020<br/><p>FireEye has released a blog addressing unauthorized access to their Red Team’s tools by a highly sophisticated threat actor. Red Team tools are often used by cybersecurity organizations to evaluate the security posture of enterprise systems. Although the Cybersecurity and Infrastructure Security Agency (CISA) has not received reporting of these…
-
Critical, Unpatched Bugs Open GE Radiological Devices to Remote Code Execution
A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging.
-
Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays
Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020.
-
Microsoft Releases December 2020 Security Updates
Original release date: December 8, 2020 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s December 2020 Security Update Summary and Deployment Information and…
-
Adobe Releases Security Updates for Multiple Products
Original release date: December 8, 2020 Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.…
-
CERT/CC Releases Information on Vulnerabilities Affecting Open-Source TCP/IP Stacks
Original release date: December 8, 2020 The CERT Coordination Center (CERT/CC) has released information on 33 vulnerabilities, known as AMNESIA:33, affecting multiple embedded open-source Transmission Control Protocol/Internet Protocol (TCP/IP) stacks. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users…
-
Adobe Warns Windows, macOS Users of Critical-Severity Flaws
Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom.