+44 (0)203 88 020 88

Menu

Search

January 2023

Apple Backport Zero-Day Security Patches for iOS

Apple have released security updates this week for a range of their software, including MacOS, watchOS, iOS, iPadOS, and Safari. Among these new releases is iOS 12.5.7, which contains backported security patches for older iPhone models to resolve a high severity zero-day vulnerability. This flaw was patched in more recent device models in December, however […]

Apple Backport Zero-Day Security Patches for iOS Read More »

Critical Authentication Bypass in Cisco Routers

Two new vulnerabilities have been disclosed on end-of-life Cisco RV Series small business routers. These vulnerabilities can be exploited individually or chained into an attack that allows for remote attackers to gain root access to the operating system where they can then execute arbitrary code. The affected devices are RV016 Multi-WAN VPN Routers, RV042 Dual

Critical Authentication Bypass in Cisco Routers Read More »

WordPress Plugins have SQL Injection Vulnerabilities

Proof of concept (PoC) code has been released for three critical vulnerabilities in WordPress plugins that allow for SQL injection into the website code. The affected plugins are Paid Memberships Pro, Easy Digital Downloads, and Survey Maker, all of which have now received security updates that patch the SQL injection flaws. A security researcher at

WordPress Plugins have SQL Injection Vulnerabilities Read More »

Google Chrome Update Patches 17 Vulnerabilities

A new version of the Chrome desktop app has been released to the Chrome Stable Channel available for all platforms. Chrome version 109.0.5414.74 on Linux, 109.0.5414.74/.75 on Windows, and 109.0.5414.87 on Mac contain new Chrome 109 features, as well as security patches for 17 vulnerabilities, two of which are high severity flaws.   CVE-2023-0128 is a

Google Chrome Update Patches 17 Vulnerabilities Read More »

Preparing for the Cyber Security Threats of 2023

The cyber security challenges faced by organisations last year can give hints towards the way cyber crime is evolving this year. Ransomware has established itself as a constant threat, and is now available on demand through ransomware-as-a-service models, phishing events have increased, with more sophisticated landing pages, and widespread flaws such as Log4j continue to

Preparing for the Cyber Security Threats of 2023 Read More »

First Microsoft Patch Tuesday of 2023 Fixes Zero-Day

This week was the first Microsoft Patch Tuesday of 2023, where a total of 98 different vulnerabilities have been patched, including an actively exploited zero-day flaw. This update addresses twice the number of vulnerabilities as the December 2022 Patch Tuesday, which saw fixes for 49 vulnerabilities and 2 zero-day flaws.   Eleven of the vulnerabilities patched

First Microsoft Patch Tuesday of 2023 Fixes Zero-Day Read More »

Windows Error Reporting Tool Abused to Load Malware

A legitimate Windows executable is being abused by malicious actors to stealthily infect devices with malware without raising any alarms. The Windows Error Reporting tool WerFault.exe can be exploited to load malware onto a system using a DLL sideloading technique in an attack K7 Security Labs have published an analysis for last week. This legitimate

Windows Error Reporting Tool Abused to Load Malware Read More »

High Severity Vulnerability in ManageEngine Products

A high severity SQL injection vulnerability has been patched in recent updates for Zoho ManageEngine products Password Manager Pro, PAM360, and Access Manager Plus. The software provider released a security advisory for this vulnerability where they advised customers of all three affected products to upgrade to the latest versions immediately due to the severity of

High Severity Vulnerability in ManageEngine Products Read More »

Critical Vulnerability in Synology Router VPN Servers

A recently discovered vulnerability in Synology routers configured to run as VPN servers has been given a critical severity rating and the maximum CVSS score of 10/10. Synology is a global data management and security company specialising in network attached storage (NAS) and storage area network (SAN) devices. Synology Router Manager (SRM) is the operating

Critical Vulnerability in Synology Router VPN Servers Read More »

0

No products in the basket.

No products in the basket.