Category: alerts
Category Added in a WPeMatico Campaign
-
Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit
It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug. Read more
-
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Read more
-
SAP Releases December 2021 Security Updates
Original release date: December 14, 2021 SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for December 2021 and apply the necessary updates. This product is provided subject… Read more
-
Microsoft Releases December 2021 Security Updates
Original release date: December 14, 2021 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s December 2021 Security Update Summary and Deployment Information and apply the necessary updates. … Read more
-
What the Log4Shell Bug Means for SMBs: Experts Weigh In
An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. Read more
-
How to Buy Precious Patching Time as Log4j Exploits Fly
Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Read more
-
CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228
Original release date: December 13, 2021 CISA and its partners, through the Joint Cyber Defense Collaborative, are tracking and responding to active, widespread exploitation of a critical remote code execution vulnerability (CVE-2021-44228) affecting Apache Log4j software library versions 2.0-beta9 to 2.14.1. Log4j is very broadly used in a variety of consumer and enterprise services, websites,… Read more
-
Vulnerability Summary for the Week of December 6, 2021
Original release date: December 13, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info accops — hyworks_dvm_tools A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial… Read more
-
Where the Latest Log4Shell Attacks Are Coming From
Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Read more
-
Log4Shell Is Spawning Even Nastier Mutations
The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. Read more