Categories
alerts

VMware Fixes Critical Flaw in ESXi Hypervisor

The critical and important-severity flaws were found by a team at the China-based Tianfu Cup hacking challenge.

Facebook Messenger Bug Allows Spying on Android Users

The company patched a vulnerability that could connect video and audio calls without the knowledge of the person receiving them.

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

Bug hunters at GitHub Security Labs help shore up German contact tracing app security, crediting open source collaboration.

GO SMS Pro Android App Exposes Private Photos, Videos and Messages

The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to link to private content.

IoT Cybersecurity Improvement Act Passed, Heads to President’s Desk

Security experts praised the newly approved IoT law as a step in the right direction for insecure connected federal devices.

VMware Releases Security Updates for VMware SD-WAN Orchestrator

Original release date: November 19, 2020

VMware has released security updates to address multiple vulnerabilities in VMware SD-WAN Orchestrator. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2020-0025 (https://www.vmware.com/security/advisories/VMSA-2020-0025.html) and apply the necessary updates.

This product is provided subject to this Notification (https://us-cert.cisa.gov/privacy/notification) and this Privacy & Use policy (https://www.dhs.gov/privacy-policy).


Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Original release date: November 19, 2020

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 83 (https://www.mozilla.org/en-US/security/advisories/mfsa2020-50), Firefox ESR 78.5 (https://www.mozilla.org/en-US/security/advisories/mfsa2020-51), and Thunderbird 78.5 (https://www.mozilla.org/en-US/security/advisories/mfsa2020-52) and apply the necessary updates.


Google Releases Security Updates for Chrome

Original release date: November 19, 2020

Google has released Chrome version 87.0.4280.66 for Windows, Mac, and Linux to address multiple vulnerabilities. Some of these vulnerabilities could allow an attacker to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release (https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html) and apply the necessary updates.


Drupal Releases Security Updates

Original release date: November 19, 2020

Drupal has released security updates to address a critical vulnerability in Drupal 7, 8.8 and earlier, 8.9, and 9.0. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Drupal Advisory SA-CORE-2020-012 (https://www.drupal.org/sa-core-2020-012), apply the necessary updates, and follow the additional recommendation.


Cisco Releases Security Updates for Multiple Products

Original release date: November 19, 2020

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates.

- Integrated Management Controller Multiple Remote Code Execution Vulnerabilities: cisco-sa-ucs-api-rce-UXwpeDHd (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd)
- DNA Spaces Connector Command Injection Vulnerability: cisco-sa-dna-cmd-injection-rrAYzOwc (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dna-cmd-injection-rrAYzOwc)
- IoT Field Network Director Unauthenticated REST API Vulnerability: cisco-sa-FND-BCK-GHkPNZ5F (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-BCK-GHkPNZ5F)
- Secure Web Appliance Privilege Escalation Vulnerability: cisco-sa-wsa-prv-esc-nPzWZrQj (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-nPzWZrQj)
- IoT Field Network Director SOAP API Authorization Bypass Vulnerability: cisco-sa-FND-AUTH-vEypBmmR (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-AUTH-vEypBmmR)
- IoT Field Network Director Missing API Authentication Vulnerability: cisco-sa-FND-APIA-xZntFS2V (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-APIA-xZntFS2V)

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page (https://tools.cisco.com/security/center/publicationListing.x).


For Emergency Cyber Security Incident Response please email RedTeam@DefendEdge.com