Apple security updates: iOS 14.7 fixes WiFiDemon flaw
Apple has released security updates for macOS Big Sur (11.5), Catalina (10.15) and Mojave (10.14), as well as iOS (14.7) and iPadOS (14.7). There is no indication that Apple …
security update
Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)
A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, …
Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)
A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been …
July 2021 Patch Tuesday: Microsoft fixes 4 actively exploited bugs
On this July 2021 Patch Tuesday: Microsoft has fixed 117 CVEs, 4 of which are actively exploited Adobe has delivered security updates for Acrobat and Reader, Bridge, …
SolarWinds patches zero-day exploited in the wild (CVE-2021-35211)
SolarWinds has released an emergency patch for CVE-2021-35211, a RCE vulnerability affecting its Serv-U Managed File Transfer and Serv-U Secure FTP that is currently being …
July 2021 Patch Tuesday forecast: Don’t wait for Patch Tuesday
There’s been lots of excitement around the recently announced print spooler vulnerability CVE-2021-34527, commonly referred to as PrintNightmare. The excitement stems from the …
Apple fixes actively exploited vulnerabilities affecting older iDevices
Apple has released a security update for older iDevices (iPhones, iPads and iPods) to fix three vulnerabilities, two of which are zero-days that are apparently actively …
June 2021 Patch Tuesday: Microsoft fixes six actively exploited zero-days
On this June 2021 Patch Tuesday: Microsoft has fixed 50 security vulnerabilities, six of which are actively exploited zero-days Adobe has delivered security updates for …
VMware fixes critical vCenter Server RCE vulnerability, urges immediate action (CVE-2021-21985)
VMware has patched two vulnerabilities (CVE-2021-21985, CVE-2021-21986) affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement …
Apple fixes macOS zero-day exploited by malware (CVE-2021-30713)
A zero-day vulnerability (CVE-2021-30713) that allowed XCSSET malware to surreptitiously take screenshots of the victim’s desktop has been fixed by Apple on macOS 11.4 …
Top security threats for power plants and how to proactively avoid them
Power plants are one of the most vitally important components of modern civilization’s infrastructure. A disruption in energy production impacts all aspects of society from …
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …
