CISA urges VMware admins to patch critical flaw in Workspace ONE UEM
CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM…
Microsoft fixes Windows AppX Installer zero-day used by Emotet
Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...]
Dell driver fix still allows Windows Kernel-level attacks
Dell's driver fix of the CVE-2021-21551 vulnerability leaves margin for catastrophic BYOVD attacks resulting in Windows kernel driver code execution.…
Australian govt raises alarm over Conti ransomware attacks
The Australian Cyber Security Centre (ACSC) says Conti ransomware attacks have targeted multiple Australian organizations from various industry verticals since…
New zero-day exploit for Log4j Java library is an enterprise nightmare
Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing…
Mozilla fixes critical bug in cross-platform cryptography library
Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. [...]
Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server
Threat actors are exploiting the recently patched CVE-2021-40438 flaw in Apache HTTP servers, warns German Cybersecurity Agency and […] The…
FBI warns of APT group exploiting FatPipe VPN zero-day since May
The Federal Bureau of Investigation (FBI) warned of an advanced persistent threat (APT) compromising FatPipe router clustering and load balancer products…
In Appreciation: Alan Paller
Alan Paller, founder of the famed SANS Institute, passed away on Nov. 9.
Microsoft urges Exchange admins to patch bug exploited in the wild
Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code…