New Vulnerabilities Tuesday 25 August

New Alerts for Dell, Apple (Safari exploit), and Linux.   Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
New Alerts for Squid, IBM, HPE, and Linux.  Cisco has updated their bulletin for the Treck IP Stack Ripple20 vulnerabilities, adding expected release dates for several products. Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and i...
New Alerts for Microsoft Edge, IBM, Xerox, Hitachi, VMware, BIND, NetApp, and Linux.   CERT has published three new bulletins on physical attacks on ATMs. Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://rada...
New Alerts for Cisco, Moxa, Trend Micro, Philips, and Linux.  Johnson Controls has put out a bulletin identifying their products affected by Ripple20, with updates.ShadowPad is one of the largest known supply-chain attacks. Once activated, the backdoor allows attackers to download further malicious modules or steal data. There are reports that...
New Alerts for Google Chrome, IBM, libcurl, and Linux.   Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
New Alerts for HPE and Linux.  Too quiet... Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
New Alerts for IBM, Xerox, and Linux. I find it uncomfortably quiet... Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
New Alerts for TIBCO, NetApp, and Linux. Researchers have discovered an attack on the Voice over LTE (VoLTE) mobile communications protocol that can break its encryption and allow attackers to listen in on phone calls.  Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and ...
New Alerts for Wireshark, Microsoft, Dell, Apache Struts, Apple, and Linux. Six simple actions can leave you hacked in Windows, including playing audio, playing video, browsing a website, receiving an email, looking at a PDF, and editing an HTML page.  Patch your systems! Vulnerabilities in Amazon's Alexa virtual assistant platform could ...
Most of our readers will be familiar with security researcher Troy Hunt's password breach project 'haveibeenpwned', a simple explanation is that it hosts a database of password breaches which can be searched for exposure. If your company or organisation has suffered from a hacking incident then there's a reasonable chance that any credentials or ha...
New Alerts for Yokogawa, ABB, IBM, QNAP, BlackBerry, and Linux. Don't forget Microsoft Monthly Patches, two are being actively exploited.  Although vulnerabilities that require local access don't reach the Radar Page, Intel has published a slew of updates that corrects many vulnerabilities.  Vendors like HP and Lenovo are rolling out the ...
Microsoft Monthly Patches are out with two currently exploited and one previously disclosed.  Adobe Monthly Patches are out as well. Although we don't report on CMS and templates on the Radar page, this is worth reporting here...  vBulletin pre-auth RCE from September 2019 easily bypassed, PoC exploit code published. Qualcomm published fi...
Monthly Patches are out for SAP, Siemens, and Schneider Electric. New Alerts for Google, Apple, Citrix, Sierra Wireless, and Linux. Microsoft and Adobe Monthly Patches are expected out later today. Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of...
New Alerts for Apache, SICK, IBM, NetApp, and Linux. Tomorrow is monthly Patch Day for Microsoft, Adobe, Schneider Electric, Siemens, and SAP.  Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securityw...
New Alerts for Advantech, Xerox, and Linux. Adobe has the pre-release notice for next week's Patch Tuesday out.  Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com Adobe Product Secur...
New Alerts for Cisco, Dell, HPE, PHP, BlackBerry, FreeBSD, and Linux. Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
New Alerts for IBM and Linux. GNU C has a remote code execution vulnerability, exploitable locally so doesn't make the Radar page, but worth taking a look. The Ripple20 vulnerabilities affect the Treck TCP/IP stack, but now CISA is reporting that "The Treck TCP/IP stack may be known by other names such as Kasago TCP/IP, ELMIC, Net+ OS, Quadnet...

Find Out More

© Computer Network Defence Limited 2020
For The Latest Updates Please Subscribe to Our Feed
Or Follow Us on LinkedIn