Pierluigi Paganini
June 12, 2021
An authentication bypass flaw in the polkit auth system service used on most Linux distros can allow to get a root shell. An authentication bypass vulnerability in the polkit auth system service, tracked as CVE-2021-3560, which is used on most Linux distros can allow an unprivileged attacker to get a root shell. “A flaw was found […]
Pierluigi Paganini
June 11, 2021
The current era, where all data is digital, the threats of fraud, breach and data sprawl are more of a reality than ever. In these times, organizations not only take a hit because of the breached data and cyber threats, but also are heavily fined under global privacy regulations. These privacy regulations are in place […]
Pierluigi Paganini
June 11, 2021
Italy announced the creation of the national cybersecurity agency, a move aimed at increase the level of cyber security of its infrastructure The Italian government has announced the creation of a new agency focused on cybersecurity, Prime Minister Mario Draghi provided its strong commitment to the creation of the agency that is tasked to protect […]
Pierluigi Paganini
June 10, 2021
Google this week addressed 14 vulnerabilities in the Chrome browser, including a zero-day flaw that has been exploited in the wild. Google released security updates to address 14 vulnerabilities in the Chrome browser, including a zero-day issue that has been exploited in the wild. The most severe of these flaws, tracked as CVE-2021-30544, is a […]
Pierluigi Paganini
June 09, 2021
Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for cryptocurrency. The campaign was first spotted at the end of May, experts noticed the deployment of TensorFlow pods […]
Pierluigi Paganini
June 09, 2021
Google’s June security bulletin addresses more than 90 vulnerabilities in Android and Pixel devices, including a Critical RCE (CVE-2021-0507). Google’s June security bulletin addresses more than 90 vulnerabilities in Android and Pixel devices, including a Critical RCE tracked as CVE-2021-0507 that could allow to take over a device. “The most severe vulnerability in this section […]
Pierluigi Paganini
June 09, 2021
Microsoft’s June 2021 Patch Tuesday addressed 50 vulnerabilities, including six zero-day issues that are being actively exploited in the wild. Microsoft’s June 2021 Patch Tuesday addresses 50 vulnerabilities in Microsoft Windows, .NET Core and Visual Studio, Microsoft Office, Microsoft Edge (Chromium-based and EdgeHTML), SharePoint Server, Hyper-V, Visual Studio Code – Kubernetes Tools, Windows HTML Platform, […]
Pierluigi Paganini
June 05, 2021
The U.S. CISA announced the availability of a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. In 2018, MITRE announced the […]
Pierluigi Paganini
June 04, 2021
Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724, that impacts macOS, iOS and iPadOS. Trend Micro researchers disclosed technical details of a patched privilege escalation vulnerability, tracked as CVE-2021-30724, that impacts macOS, iOS, and iPadOS. The flaw was reported to Apple by Trend Micro researcher Mickey Jin, and the […]
Pierluigi Paganini
June 03, 2021
Cisco addressed multiple security flaws, including high-severity vulnerabilities, in Webex Player, SD-WAN software, and ASR 5000 series software. Cisco has addressed multiple vulnerabilities in its products, including high-risk flaws in Webex Player, SD-WAN software, and ASR 5000 series software. The IT giant fixed three high-severity vulnerabilities (CVE-2021-1503, CVE-2021-1526, CVE-2021-1502) affecting Webex Player for Windows and […]
