Login

Register

Login

Register

Tag

fixes
Cisco has patched a clutch of high-priority vulnerabilities in its SD-WAN routers and their management software that admins will want to apply as soon as possible. SD-WAN is a technology that allows large companies to manage different types of Wide Area Network (WAN) communications links such as carrier MPLS, conventional broadband, and mobile 4G as...
Read More
Trend Micro has found and fixed several critical vulnerabilities in its products, two of which it warned are being exploited in the wild. The security giant released patches for Apex One and OfficeScan XG on Windows, urging customers to upgrade to the latest versions “as soon as possible.” CVE-2020-8467 is a critical zero-day a vulnerability...
Read More
The Tor browser has fixed a bug that could have allowed JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity. The Tor Project revealed the issue in the release notes for version 9.0.6, initially suggesting users manually disable JavaScript for the time being if the issue bothered them. That...
Read More
Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions. The flaw could have allowed attackers to pilfer users’ cookies, giving them full account access. They could also have automated those attacks at scale, said the researcher who discovered it, Evan Custodio. The bug uses a sneaky...
Read More
Microsoft has issued one of the biggest security updates of recent years with a Patch Tuesday that fixes 115 unique CVEs, including 26 critical flaws. The majority of these are found in Windows (79 CVEs) and Edge/IE (18). Experts agreed that sysadmins should prioritize CVE-2020-0684, a Remote Code Execution (RCE) vulnerability affecting versions Windows 7...
Read More
After fixing a fat pile of critical security flaws as part of last week’s Patch Tuesday update, Adobe has come back with two more that need urgent attention. This is what’s called an out of band update, which means that a vulnerability is too risky or likely to be exploited to leave to the next...
Read More
Firefox version 73 has only been out for a week but already Mozilla has had to update it to version 73.0.1 to fix a range of browser problems and crashes, including when running on Linux machines. The list of issues is surprisingly long for a point release but, in most cases, the issues only happen...
Read More
Users of Dell SupportAssist should patch their software immediately to fix a software bug that could lead to arbitrary code execution, the PC vendor said this week. SupportAssist is a Dell software product that comes preinstalled on most of its Windows-based endpoints. It performs diagnostic tasks and streamlines the creation of support tickets for Dell...
Read More
Mozilla’s own “patch Tuesday” for Firefox happened this week. Rather than patching once a calendar month, Mozilla goes for every sixth Tuesday – or every 42 days, which we call Fortytwosday in a hat-tip to HHGttG. This update takes the regular build of Firefox to 73.0, while the long-term release, which includes security fixes but...
Read More
Microsoft has fixed almost a century of CVEs this month, although experts suggest the workload shouldn’t be too hard on admins. The 99 vulnerabilities fixed this month feature 12 critical CVEs, including one zero-day, and another four that have been publicly disclosed and so will also need to be prioritized. The zero-day being exploited in...
Read More
Twitter has been forced to take action after discovering malicious actors taking advantage of an API bug to unmask users on the site by getting hold of their phone numbers. The social network discovered the issue on Christmas Eve last year after detecting a user employing a large network of fake accounts to exploit an...
Read More
Sonos appears to have bowed to customer pressure and will now offer security updates for legacy kit and ensure it can co-exist with newer systems. The smart speaker firm issued a statement earlier this week warning that from May, “some of our oldest products will no longer receive software updates or new features.” It claimed...
Read More
The CryptoAPI cryptographic bug that Microsoft reported in its Patch Tuesday release yesterday was so big that it warranted its own story. Here, we look at some of the other nasties that Microsoft fixed. Among the most serious bugs were remote code execution (RCE) flaws affecting the Windows Remote Desktop Gateway, which is a Microsoft...
Read More

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW