A high-severity vulnerability that could allow changes to the Secure Boot settings on laptop devices has been identified on multiple models of Acer Notebooks. The affected models are Acer Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. This vulnerability has been identified by an ESET malware researcher and is being fixed by Acer […]
Acer Vulnerability Disables Secure Boot Settings Read More »
Google Chrome has released an emergency update to patch a critical severity vulnerability present in the Chrome desktop app. Microsoft have also alerted customers that the chromium-based browser Microsoft Edge also contains this vulnerability in both Windows and Mac versions of the desktop app. This has been given a high severity rating by Google and
Exploited Chromium Vulnerability in Chrome and Edge Read More »
A new ransomware tool called AXLocker is being used by attackers to encrypt files and steal Discord account tokens. A large community of cryptocurrency and NFT owners use Discord to connect with others who have a similar interest or portfolio. Discord uses authentication tokens which are saved to the computer when a user logs in,
AXLocker Ransomware Steals Discord Account Tokens Read More »
Two critical severity vulnerabilities have been identified in Atlassian products Crowd, and Bitbucket Server and Data Center. Security advisories were released by Atlassian for each product detailing the severity, affected versions, and mitigation steps. The Atlassian Crowd Server and Data Center vulnerability affects all versions released after Crowd 3.0.0, however version 3.0.0 itself is an
Critical Severity Vulnerabilities in Atlassian Products Read More »
A critical vulnerability is being exploited in Magento 2 and Adobe Commerce sites for online retailers. Attackers are sending trojan orders to the target website and are hiding their attacks by using the increase in online purchases around the time of Black Friday and Cyber Monday sales, and in the holiday shopping period in general.
TrojanOrder Attacks Target Online Retailers Read More »
A Mozilla Foundation Security Advisory was released yesterday detailing the security vulnerabilities that have been fixed in the latest Firefox update. Firefox 107 contains security fixes to 8 high severity vulnerabilities that impact previous versions of this product. These include three use-after-free vulnerabilities in InputStream (CVE-2022-45405), JavaScript Realm (CVE-2022-45406), and Garbage Collection (CVE-2022-45409), and a
Mozilla Firefox Fix 19 Vulnerabilities Read More »
This week was November’s patch Tuesday, where Microsoft issued a security update that resolved 68 different vulnerabilities, 6 of which were actively exploited zero-day flaws. A total of 11 vulnerabilities that have been patched this week have been given a critical severity rating, due to a possible exploit leading to elevation of privileges, spoofing, or
Microsoft Patch Six Zero-Day Vulnerabilities Read More »
A security advisory has been released by VMware this week detailing 5 security vulnerabilities that have been addressed in the recent update of VMware Workspace ONE Assist, a remote screen sharing and command execution tool used by help desk and IT staff. Three of these vulnerabilities have been assigned a critical severity rating, and a
Critical VMware Vulnerabilities Patched Read More »
Two new high severity vulnerabilities have been identified in the OpenSSL Software Foundation cryptographic library version 3.0.0. This open-source library is used to encrypt HTTPS connections and other communication channels, so has been relied upon by many as a security measure. These new vulnerabilities could cause denial of service or possible remote code execution to
OpenSSL High Severity Vulnerabilities Patched Read More »
Google have released an emergency update for Google Chrome for Desktop to address a publicly disclosed vulnerability that has active exploits in the wild. This is the seventh zero-day vulnerability that has been fixed in Google Chrome so far in 2022. A blog post on the Chrome Releases Google blog was published last week with
Google Chrome Zero-Day Actively Exploited Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.