A zero-day vulnerability has been identified in the Cisco Discovery Protocol processing feature of Cisco IP Phone series 7800 and 8800 firmware. Although a security advisory has been released by Cisco that discloses this high severity flaw, they have not yet released an update to patch it. An update is due to be released in […]
Cisco IP Phone Zero-Day Vulnerability Disclosed Read More »
A security update for December has been released by Google for Android that addresses 4 critical severity vulnerabilities. An additional 16 critical flaws have been patched in a Pixel update that has been released for Google Pixel devices. These 16 additional vulnerabilities patched are elevation of privilege flaws found in Pixel firmware, and LDFW, TF-A,
Android Update Patches Critical Vulnerabilities Read More »
Endpoint detection and response (EDR) systems, and antivirus (AV) software, are used to increase the cybersecurity of a device. However, these security software solutions are now able to be exploited for their data deletion capabilities, effectively turning them into data wipers. Security researcher Or Yair at SafeBreach Labs discovered this capability alongside multiple zero-day vulnerabilities
Endpoint Detection Systems Used as Data Wipers Read More »
Apple have released updates across their macOS platforms to address a vulnerability known as ‘Achilles’ that could allow malicious downloaded apps to bypass Gatekeeper security checks. A patch for this vulnerability was released in a security update last week, which can be found in macOS Ventura 13.1, macOS Monterey 12.6.2, and macOS Big Sur 11.7.2.
Apple MacOS Vulnerability Allows Gatekeeper Bypass Read More »
A critical zero-day vulnerability has been confirmed to be actively exploited by state-backed attackers to gain access to corporate networks. The National Security Agency (NSA), a branch of the US Government, have released a cybersecurity advisory to help organisations detect and mitigate attacks that exploit this vulnerability. Products affected by this flaw are Citrix ADC
Citrix Zero-Day Vulnerability Actively Exploited Read More »
A critical vulnerability in FortiOS SSL-VPN has been confirmed to be exploited in the wild by Fortinet. FortiGuard Labs, the threat and research branch of Fortinet, have published a security advisory this week warning users to immediately validate their systems against the list of indicators of compromise (IoC) which can be found in the security
Critical RCE Vulnerability Exploited in FortiOS Read More »
An update for NVIDIA GPU Display Driver was recently released, addressing 26 different security vulnerabilities, eight of which are considered high-severity flaws with a CVSS base score of between 7.1 and 8.8. Four vulnerabilities were also patched in the NVIDIA VGPU Software, 3 of which were also high-severity flaws. Last week, the Cisco Talos Intelligence
High Severity NVIDIA Driver Vulnerabilities Patched Read More »
Distributed Denial of Service (DDoS) attacks are on the rise, with the second half of 2021 showing a 43% increase in attacks since the first half of the same year. The Microsoft Digital Defence Report for 2022 shows that so far in 2022 Microsoft have mitigated nearly 2000 DDoS attacks each day. This report also
The Threat of Holiday DDoS Attacks Read More »
High severity zero-day vulnerability has been found in Google Chrome for Desktop, causing Google to release their ninth emergency update so far this year to patch it. Users of Chrome on Windows, Mac, and Linux should update to the latest version of this browser, which is version 108.0.5359.94 for Mac and Linux, and version(s) 108.0.5359.94/.95
New Exploited Google Chrome Zero-Day Vulnerability Read More »
Three Android apps with over 2 million combined downloads have been found to have critical vulnerabilities that could result in remote code execution. These applications, Lazy Mouse, Telepad, and PC Keyboard, act as a remote keyboard or mouse for a desktop or laptop computer from the Android device they are installed on. Seven different vulnerabilities
Remote Code Execution Flaws in Keyboard Apps Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.