Category: alerts
Category Added in a WPeMatico Campaign
-
Microsoft Teams: Very Bad Tabs Could Have Led to BEC
Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, Sharepoint and loads of other services. Read more
-
Vulnerability Summary for the Week of June 7, 2021
Original release date: June 14, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info aomedia — aomedia aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. 2021-06-04 7.5 CVE-2021-30475 MISC MISC broadcom — sannav Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make… Read more
-
Utilities ‘Concerningly’ at Risk from Active Exploits
Utilities’ vulnerability to application exploits goes from bad to worse in just weeks. Read more
-
Moobot Milks Tenda Router Bugs for Propagation
An analysis of the campaign revealed Cyberium, an active Mirai-variant malware hosting site. Read more
-
CISA Releases Advisory on ZOLL Defibrillator Dashboard
Original release date: June 14, 2021 CISA has released an Industrial Controls Systems (ICS) Medical Advisory on multiple vulnerabilities in the ZOLL Defibrillator Dashboard. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Medical Advisory ICSMA-21-161-01 and apply the recommended… Read more
-
Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC
A trio of security flaws open the door to remote-code execution and a malware tsunami. Read more
-
Critical Chrome Browser Bug Under Active Attack
Google has patched its Chrome browser, fixing one critical cache issue and a second bug being actively exploited in the wild. Read more
-
STEM Audio Table Rife with Business-Threatening Bugs
The desktop conferencing IoT gadget allows remote attackers to install all kinds of malware and move laterally to other parts of enterprise networks. Read more
-
JBS Paid $11M to REvil Gang Even After Restoring Operations
The decision to pay the ransom demanded by the cybercriminal group was to avoid any further issues or potential problems for its customers, according to the company’s CEO. Read more
-
CISA Addresses the Rise in Ransomware Targeting Operational Technology Assets
Original release date: June 9, 2021 CISA has published the Rising Ransomware Threat to OT Assets fact sheet in response to the recent increase in ransomware attacks targeting operational technology (OT) assets and control systems. The guidance: provides steps to prepare for, mitigate against, and respond to attacks; details how the dependencies between an entity’s… Read more