A critical vulnerability in FortiOS SSL-VPN has been confirmed to be exploited in the wild by Fortinet. FortiGuard Labs, the threat and research branch of Fortinet, have published a security advisory this week warning users to immediately validate their systems against the list of indicators of compromise (IoC) which can be found in the security […]
Critical RCE Vulnerability Exploited in FortiOS Read More »
An update for NVIDIA GPU Display Driver was recently released, addressing 26 different security vulnerabilities, eight of which are considered high-severity flaws with a CVSS base score of between 7.1 and 8.8. Four vulnerabilities were also patched in the NVIDIA VGPU Software, 3 of which were also high-severity flaws. Last week, the Cisco Talos Intelligence
High Severity NVIDIA Driver Vulnerabilities Patched Read More »
High severity zero-day vulnerability has been found in Google Chrome for Desktop, causing Google to release their ninth emergency update so far this year to patch it. Users of Chrome on Windows, Mac, and Linux should update to the latest version of this browser, which is version 108.0.5359.94 for Mac and Linux, and version(s) 108.0.5359.94/.95
New Exploited Google Chrome Zero-Day Vulnerability Read More »
Three Android apps with over 2 million combined downloads have been found to have critical vulnerabilities that could result in remote code execution. These applications, Lazy Mouse, Telepad, and PC Keyboard, act as a remote keyboard or mouse for a desktop or laptop computer from the Android device they are installed on. Seven different vulnerabilities
Remote Code Execution Flaws in Keyboard Apps Read More »
A high-severity vulnerability that could allow changes to the Secure Boot settings on laptop devices has been identified on multiple models of Acer Notebooks. The affected models are Acer Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. This vulnerability has been identified by an ESET malware researcher and is being fixed by Acer
Acer Vulnerability Disables Secure Boot Settings Read More »
Google Chrome has released an emergency update to patch a critical severity vulnerability present in the Chrome desktop app. Microsoft have also alerted customers that the chromium-based browser Microsoft Edge also contains this vulnerability in both Windows and Mac versions of the desktop app. This has been given a high severity rating by Google and
Exploited Chromium Vulnerability in Chrome and Edge Read More »
A new ransomware tool called AXLocker is being used by attackers to encrypt files and steal Discord account tokens. A large community of cryptocurrency and NFT owners use Discord to connect with others who have a similar interest or portfolio. Discord uses authentication tokens which are saved to the computer when a user logs in,
AXLocker Ransomware Steals Discord Account Tokens Read More »
Two critical severity vulnerabilities have been identified in Atlassian products Crowd, and Bitbucket Server and Data Center. Security advisories were released by Atlassian for each product detailing the severity, affected versions, and mitigation steps. The Atlassian Crowd Server and Data Center vulnerability affects all versions released after Crowd 3.0.0, however version 3.0.0 itself is an
Critical Severity Vulnerabilities in Atlassian Products Read More »
A critical vulnerability is being exploited in Magento 2 and Adobe Commerce sites for online retailers. Attackers are sending trojan orders to the target website and are hiding their attacks by using the increase in online purchases around the time of Black Friday and Cyber Monday sales, and in the holiday shopping period in general.
TrojanOrder Attacks Target Online Retailers Read More »
A Mozilla Foundation Security Advisory was released yesterday detailing the security vulnerabilities that have been fixed in the latest Firefox update. Firefox 107 contains security fixes to 8 high severity vulnerabilities that impact previous versions of this product. These include three use-after-free vulnerabilities in InputStream (CVE-2022-45405), JavaScript Realm (CVE-2022-45406), and Garbage Collection (CVE-2022-45409), and a
Mozilla Firefox Fix 19 Vulnerabilities Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.