Category: alerts

The “KindleDrip” attack would have allowed attackers to siphon money from unsuspecting victims. Read more

Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic. Read more

Researchers have traced the origins of a campaign – infecting SQL servers to mine cryptocurrency – back to an Iranian software firm. Read more

Original release date: January 21, 2021 Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco Advisories… Read more

The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory. Read more

Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite. Read more

The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365. Read more

Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution. Read more

Mystery of spying using popular chat apps uncovered by Google Project Zero researcher. Read more

Original release date: January 18, 2021 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.   High Vulnerabilities Primary Vendor… Read more