Cybersecurity, CISA adds CVE-2022-26134 to its Known Exploited Vulnerabilities Catalog It’s a critical zero-day flaw in Atlassian’s Confluence Server and Data Center. The company patched… Cybersecurity, CISA adds CVE-2022-26134 to its Known Exploited Vulnerabilities Catalog 7 June 2022 Francesco Bussoletti Cyber, Defence and Security It’s a critical zero-day flaw in Atlassian’s Confluence Server and Data Center. The company patched it, but It’s actively exploited.
Cybercrime, EXOTIC LILY works with Conti and others as AIB Google TAG cybersecurity experts: The group is the opportunistic locksmiths of the security world. It… Cybercrime, EXOTIC LILY works with Conti and others as AIB 21 March 2022 Francesco Bussoletti Cyber, Defence and Security Google TAG cybersecurity experts: The group is the opportunistic locksmiths of the security world. It leverages legitimate file-sharing services to deliver malware.
Cybersecurity, Apple patches the zero-day flaw CVE-2022-22620 Security updates for iOS, iPadOS (15.3.1) and macOS (Monterey 12.2.1). The vulnerability is actively exploited… Cybersecurity, Apple patches the zero-day flaw CVE-2022-22620 14 February 2022 Francesco Bussoletti Cyber, Defence and Security Security updates for iOS, iPadOS (15.3.1) and macOS (Monterey 12.2.1). The vulnerability is actively exploited by cybercrime actors.
Cybersecurity, Apple fixes two zero-day critical vulnerabilities One is the CVE-2022-22587 and the other, the CVE-2022-22594. The first one is already actively… Cybersecurity, Apple fixes two zero-day critical vulnerabilities 27 January 2022 Francesco Bussoletti Cyber, Defence and Security One is the CVE-2022-22587 and the other, the CVE-2022-22594. The first one is already actively exploited by cybercrime actors.
Cybersecurity, new zero-day vulnerability on Windows despite the last patch Abdelhamid Naceri discovered a flaw, which bypass the CVE-2021-41379 security update. It allows a privilege… Cybersecurity, new zero-day vulnerability on Windows despite the last patch 24 November 2021 Francesco Bussoletti Cyber, Defence and Security Abdelhamid Naceri discovered a flaw, which bypass the CVE-2021-41379 security update. It allows a privilege escalation to admin level.
Cybersecurity, serious vulnerability on SolarWinds Serv-U Yoroi: All versions up to 15.2.3 HF1 are involved and there have already been targeted… Cybersecurity, serious vulnerability on SolarWinds Serv-U 15 July 2021 Francesco Bussoletti Cyber, Defence and Security Yoroi: All versions up to 15.2.3 HF1 are involved and there have already been targeted cybercrime attacks. Update the systems now!
Cybersecurity, Kaseya patches the VSA zero-day vulnerabilities used by REvil Bleeping Computer: The cybercrime ransomware gang probably exploited one or a combination of CVE-2021-30116, CVE-2021-30119,… Cybersecurity, Kaseya patches the VSA zero-day vulnerabilities used by REvil 13 July 2021 Francesco Bussoletti Cyber, Defence and Security Bleeping Computer: The cybercrime ransomware gang probably exploited one or a combination of CVE-2021-30116, CVE-2021-30119, and CVE-2021-30120.
Cybersecurity, the PrintNightmare flaw has been patched in all Windows versions Microsoft released the emergency security update KB5004948 for the Print Spooler critical zero-day vulnerability, the… Cybersecurity, the PrintNightmare flaw has been patched in all Windows versions 8 July 2021 Francesco Bussoletti Cyber, Defence and Security Microsoft released the emergency security update KB5004948 for the Print Spooler critical zero-day vulnerability, the CVE-2021-34527.
Cybersecurity, disable the Windows Print Spooler service on servers not used for printing The US CISA: An attacker could exploit the critical PrintNightmare zero-day vulnerability to take control… Cybersecurity, disable the Windows Print Spooler service on servers not used for printing 2 July 2021 Francesco Bussoletti Cyber, Defence and Security The US CISA: An attacker could exploit the critical PrintNightmare zero-day vulnerability to take control of an affected system.
Cybersecurity, Zero-day exploit in Desktop Window Manager It’s the CVE-2021-28310, discovered by Kaspersky and linked to escalation of privilege (EoP). It has… Cybersecurity, Zero-day exploit in Desktop Window Manager 21 April 2021 Francesco Bussoletti Cyber, Defence and Security It’s the CVE-2021-28310, discovered by Kaspersky and linked to escalation of privilege (EoP). It has just been patched, but cybercrime use it.