Cybersecurity, new zero-day vulnerability on Windows despite the last patch
Abdelhamid Naceri discovered a flaw, which bypass the CVE-2021-41379 security update. It allows a privilege escalation to admin level.
Cybersecurity, serious vulnerability on SolarWinds Serv-U
Yoroi: All versions up to 15.2.3 HF1 are involved and there have already been targeted cybercrime attacks. Update the systems now!
Cybersecurity, Kaseya patches the VSA zero-day vulnerabilities used by REvil
Bleeping Computer: The cybercrime ransomware gang probably exploited one or a combination of CVE-2021-30116, CVE-2021-30119, and CVE-2021-30120.
Cybersecurity, the PrintNightmare flaw has been patched in all Windows versions
Microsoft released the emergency security update KB5004948 for the Print Spooler critical zero-day vulnerability, the CVE-2021-34527.
Cybersecurity, disable the Windows Print Spooler service on servers not used for printing
The US CISA: An attacker could exploit the critical PrintNightmare zero-day vulnerability to take control of an affected system.
Cybersecurity, Zero-day exploit in Desktop Window Manager
It’s the CVE-2021-28310, discovered by Kaspersky and linked to escalation of privilege (EoP). It has just been patched, but cybercrime use it.
Cyber Security, zero-day vulnerability in Cisco RV042 and RV042G routers
CyCognito experts: A Cross-Site Scripting (XSS) flaw gives cybercrime can take control of a router administrator’s web configuration utility. The issue has been fixed with a patch.
Cyber Security, WordPress adds auto-update for themes and plugins
Vulnerabilities in old versions are cause of great concern, thanks to the tons of attacks that exploit them to hack the sites. The new feature should be out with the CMS upcoming 5.5 release.
Cyber Security, CISA released test for Citrix ADC-Gateway vulnerability
The zero-day flaw has been already exploited by cybercrime to launch attacks. Howerever, on January 20 the company will release new versions that will patch it.
Cyber Security, new zero-day vulnerability discovered on Mozilla Firefox
Yoroi-Cybaze experts: The manufacturer has confirmed that it has already been used for targeted attacks in order to install malware. We recommend installing the security patch immediately.