Flash Notices (15)

Flash Notice: Apple Patches Two Vulnerabilities, Including a Zero-Day

In response to attacks aimed at hacking iPhones, iPads, & Macs, Apple issued urgent security updates that address two vulnerabilities - one a zero-day.

Flash Notice: Beware - QakBot Group Infects Microsoft's OneNote with QakNote Malware

The group TA577 or QakBot has been distributing malware to infect systems via OneNote files since January 31, 2023, with a spike in attacks just this week.

Flash Notice: Thousands of Unpatched VMware Servers Hit by Two-Year Old Vulnerability

This weekend ESXiArgs ransomware hit VMware servers & encrypted thousands of unpatched internet exposed ESXi systems through a 2-year old RCE vulnerability

Flash Notice: Cisco Command-Injection Vulnerability Found in Production Equipment

A command-injection vulnerability was found in Cisco’s production equipment. CVE-2023-20076 could allow unauthorized root-level access & RCE.

Flash Notice: Critical QNAP NAS Vulnerability

A critical vulnerability was found in QNAP Systems’ network-attached storages devices (NAS). CVE-2022-27596 is rated critical with a CVSS score of 9.8.

Flash Notice: Apple Zero-Day Impacts Older iPhones and iPads

An actively exploited iOS zero-day vulnerability (CVE-2022-42856) was found in older versions of Apple’s iPhones and iPads.

Flash Notice: UPDATE - Zoho ManageEngine Vulnerability Exploited in the Wild

UPDATE: 2/27/2023 - vulnerability (CVE-2022-47966) was found in two dozen Zoho ManageEngine products which is currently being exploited in the wild.

Flash Notice: Microsoft Patch Tuesday Addresses 11 Critical Vulnerabilities & 1 Zero-Day

Microsoft recently released its Patch Tuesday fixes which included a patch for an actively exploited zero-day vulnerability, CVE-2023-21674.

Flash Notice: High-Severity JsonWebToken Library Vulnerability

A vulnerability was found in the open source JsonWebToken (JWT) library that could allow an attacker to achieve remote code execution on a server.

Flash Notice: High-Severity Fortinet Vulnerabilities Impact FortiTester and FortiADC

Two high-severity vulnerabilities (CVE-2022-35845 and CVE-2022-39947) were found in Fortinet’s FortiADC and FortiTester.

Prev 13 14 15 16 17 Next