PrintNightmare, Critical Windows Print Spooler Vulnerability 06/30/2021 05:32 PM EDT Original release date: June 30, 2021 The CERT Coordination Center (CERT/CC) has released a VulNote for a critical remote code execution vulnerability in the Windows Print spooler service, noting: “while Microsoft has released an update for CVE-2021-1675, it is important to realize that this update… Continue reading PrintNightmare, Critical Windows Print Spooler Vulnerability
Month: June 2021
CISA’s CSET Tool Sets Sights on Ransomware Threat
CISA’s CSET Tool Sets Sights on Ransomware Threat 06/30/2021 12:45 PM EDT Original release date: June 30, 2021 CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices… Continue reading CISA’s CSET Tool Sets Sights on Ransomware Threat
CISA Begins Cataloging Bad Practices that Increase Cyber Risk
CISA Begins Cataloging Bad Practices that Increase Cyber Risk 06/29/2021 06:27 AM EDT Original release date: June 29, 2021 In a blog post by Executive Assistant Director (EAD) Eric Goldstein, CISA announced the creation of a catalog to document bad cybersecurity practices that are exceptionally risky for any organization and especially dangerous for those supporting designated Critical… Continue reading CISA Begins Cataloging Bad Practices that Increase Cyber Risk
Vulnerability Summary for the Week of June 21, 2021
Vulnerability Summary for the Week of June 21, 2021 06/28/2021 08:23 AM EDT Original release date: June 28, 2021 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info apache — nuttx Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper… Continue reading Vulnerability Summary for the Week of June 21, 2021
Citrix Releases Security Updates for Hypervisor
Citrix Releases Security Updates for Hypervisor 06/25/2021 06:39 AM EDT Original release date: June 25, 2021 Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX316325 and apply the necessary updates. This product is… Continue reading Citrix Releases Security Updates for Hypervisor
VMware Releases Security Updates
VMware Releases Security Updates 06/23/2021 07:26 AM EDT Original release date: June 23, 2021 VMware has released security updates to address vulnerabilities in the VMware Carbon Black App Control management server as well as VMware Tools for Windows, VMware Remote Console for Windows, and VMware App Volumes. An attacker could exploit these vulnerabilities to take control… Continue reading VMware Releases Security Updates
Vulnerability Summary for the Week of June 14, 2021
Vulnerability Summary for the Week of June 14, 2021 06/21/2021 07:16 AM EDT Original release date: June 21, 2021 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info bloofox — bloofoxcms bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). 2021-06-16… Continue reading Vulnerability Summary for the Week of June 14, 2021
Google Releases Security Updates for Chrome
Google Releases Security Updates for Chrome 06/18/2021 07:05 AM EDT Original release date: June 18, 2021 Google has released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities—CVE-2021-30554—has been detected in exploits in the wild. CISA… Continue reading Google Releases Security Updates for Chrome
Cisco Releases Security Updates for Multiple Products
Cisco Releases Security Updates for Multiple Products 06/17/2021 06:51 AM EDT Original release date: June 17, 2021 Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA… Continue reading Cisco Releases Security Updates for Multiple Products
Apple Releases Security Updates for iOS 12.5.4
Apple Releases Security Updates for iOS 12.5.4 06/15/2021 06:43 AM EDT Original release date: June 15, 2021 Apple has released security updates to address vulnerabilities in iOS 12.5.4. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary… Continue reading Apple Releases Security Updates for iOS 12.5.4