Pierluigi Paganini
November 17, 2020
In May 2019, Microsoft disclosed the BlueKeep vulnerability, more than a year later over 245,000 Windows systems still remain unpatched. Over a year ago Microsoft Patch Tuesday updates for May 2019 addressed nearly 80 vulnerabilities, including the BlueKeep flaw. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that can be exploited by […]
Pierluigi Paganini
November 17, 2020
The popular video conferencing application Zoom implemented the new “At-Risk Meeting Notifier” feature to warn of Zoombombing threat. Zoom announced the launch a new feature dubbed “At-Risk Meeting Notifier” to warn conference organizers of potential Zoombombing attacks. The feature scans the web for links to Zoom meetings that have been posted online and warn organizers […]
Pierluigi Paganini
November 14, 2020
Chris Krebs, the director of DHS’ Cybersecurity and Infrastructure Security Agency, expecting to be fired as White House frustrations hit agency protecting elections. Chris Krebs, the director of DHS’ Cybersecurity and Infrastructure Security Agency (CISA) expects the White House to fire him, as the Trump administration continues a purge of officials that are considered disloyal […]
Pierluigi Paganini
November 13, 2020
Schneider Electric released advisories for multiple flaws, including issues that can allow taking control of Modicon M221 PLCs. Schneider Electric released security advisories for multiple vulnerabilities impacting various products, including four issues that can be exploited by attackers to take control of Modicon M221 programmable logic controllers (PLCs). Four encryption and authentication issues in Modicon […]
Pierluigi Paganini
November 12, 2020
A Swedish administrative court has suspended the ban on Huawei equipment from the national 5G network. A Swedish administrative court ins Stockholm has suspended the decision to ban Huawei equipment from the country’s 5G network. In October, Sweden announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure. The ban aims at […]
Pierluigi Paganini
November 11, 2020
Mozilla and Google have already fixed the critical flaws in Firefox and Chrome exploited by bug bounty hunters at 2020 Tianfu Cup hacking contest. Mozilla and Google have already addressed the critical Firefox and Chrome vulnerabilities that were recently exploited by white hat hackers at the 2020 Tianfu Cup hacking contest. The vulnerability in Chrome exploited […]
Pierluigi Paganini
November 11, 2020
Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. Then the attackers threaten to release the stolen […]
Pierluigi Paganini
November 11, 2020
Microsoft Patch Tuesday updates for November 2020 address 112 flaws, including a Windows bug that was chained with Chrome issues in attacks. Microsoft Patch Tuesday updates for November 2020 address 112 vulnerabilities in multiple products, including Microsoft Windows, Office and Office Services and Web Apps, Internet Explorer (IE), Edge (EdgeHTML-based and Chromium-based), ChakraCore, Exchange Server, […]
Pierluigi Paganini
November 10, 2020
Adobe addressed vulnerabilities in its Reader Mobile and Connect products, none of them is rated as critical severity. Adobe has released security patches to address vulnerabilities in its Reader Mobile and Connect products. “Adobe has published security bulletins for Adobe Connect (APSB20-69) and Adobe Reader Mobile (APSB20-71). Adobe recommends users update their product installations to […]
Pierluigi Paganini
November 05, 2020
VMware has released new patches for ESXi after learning that a fix released in October for the critical CVE-2020-3992 flaw was incomplete. The virtualization giant VMware has released new fixes for ESXi after learning that a patch released in October for the critical CVE-2020-3992 flaw was incomplete. The CVE-2020-3992 vulnerability is a use-after-free bug issue that affects […]
