Category: alerts

Original release date: February 24, 2021 VMware has released security updates to address multiple vulnerabilities–CVE-2021-21972, CVE-2021-21973, CVE-2021-21974—ESXi, vCenter Server, and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0002 and apply the necessary updates. This… Read more

The hotly anticipated ray-tracing, advanced gaming graphics chip will throttle Ethereum mining. Read more

NurseryCam suspends service across 40 daycare centers until a security fix is in place. Read more

Original release date: February 24, 2021 Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance (FTA).[7] This activity has impacted organizations globally, including… Read more

Original release date: February 24, 2021 The cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States have released Joint Cybersecurity Advisory AA21-055A: Exploitation of Accellion File Transfer Appliance. Cyber actors worldwide have exploited vulnerabilities in Accellion File Transfer Appliance to attack multiple federal, and state, local, tribal, and territorial government… Read more

A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code. Read more

Original release date: February 23, 2021 SonicWall has released firmware patches for SMA 100 series products in an update to its previous alert from February 3, 2021. A remote attacker could exploit a vulnerability in versions of SMA 10 prior to 10.2.0.5-29sv to take control of an affected system. CISA encourages users and administrators to… Read more

The threat actors stole data and used Clop’s leaks site to demand money in an extortion scheme, though no ransomware was deployed. Read more

Original release date: February 22, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info accellion — fta Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later. 2021-02-16 7.2 CVE-2021-27102 MISC MISC accellion —… Read more

However, internal products and systems were not leveraged to attack others during the massive supply-chain incident, the tech giant said upon completion of its Solorigate investigation. Read more