Exploits and vulnerabilities – Page 27 – Computer Security Articles

MalwareBytes Security

Update now! Microsoft releases patches, including one for actively exploited zero-day

May 11, 2022 admin adobe, Azure, chrome, Cisco, cve-2022-22713, cve-2022-23270, cve-2022-26925, cve-202221972, cve-202229972, Exploits and vulnerabilities, f5 big ip, Hyper-V, lsa spoofing, odbc, opera, Patch Tuesday, ptpt, Redshift, Zero-Day

Credit to Author: Pieter Arntz| Date: Wed, 11 May 2022 14:36:23 +0000

May’s Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones.

The post Update now! Microsoft releases patches, including one for actively exploited zero-day appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now! F5 BIG-IP vulnerability being actively exploited

May 9, 2022 admin cve-2022-1388, Exploits and vulnerabilities, f5 big ip, icontrol

Credit to Author: Pieter Arntz| Date: Mon, 09 May 2022 15:39:17 +0000

Only a few days after the release of the patch for a vulnerability in F5 BIG-IP, exploits were developed and are now being deployed.

The post Update now! F5 BIG-IP vulnerability being actively exploited appeared first on Malwarebytes Labs.

MalwareBytes Security

Google fixes two critical Pixel vulnerabilities: Get your updates when you can!

May 5, 2022 admin Android, bootloader, cve-2021-35090, cve-2022-20117, cve-2022-20120, Exploits and vulnerabilities, google, pixel, qualcomm, race condition, titan m, toc tou

Credit to Author: Pieter Arntz| Date: Thu, 05 May 2022 14:44:24 +0000

Google has released updates for Android and its Pixel phone. We discuss the three vulnerabilities that were classified as critical.

The post Google fixes two critical Pixel vulnerabilities: Get your updates when you can! appeared first on Malwarebytes Labs.

MalwareBytes Security

Unfixed vulnerability in popular library puts IoT products at risk

May 4, 2022 admin dns poisoning, Exploits and vulnerabilities, IoT, library, MITM, transaction id, uclibc

Credit to Author: Pieter Arntz| Date: Wed, 04 May 2022 16:13:27 +0000

Researchers have disclosed an unpatched vulnerability in the popular uClibc library that could allow attackers to use DNS poisoning.

The post Unfixed vulnerability in popular library puts IoT products at risk appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now! Critical patches for Chrome and Edge

April 30, 2022 admin cjhromium, edge chrome, Exploits and vulnerabilities, Use After Free

Credit to Author: Pieter Arntz| Date: Sat, 30 Apr 2022 13:44:04 +0000

Google has released an update for the Chrome browser that includes 30 security fixes. Edge and other Chromium-based browsers also need updating.

The post Update now! Critical patches for Chrome and Edge appeared first on Malwarebytes Labs.

MalwareBytes Security

The top 5 most routinely exploited vulnerabilities of 2021

April 29, 2022 admin cisa, confluence, cve-2021-26084, cve-2021-26857, cve-2021-26858, cve-2021-27065, cve-2021-31207, cve-2021-34473, cve-2021-34523, cve-2021-40539, cve-2021-44228, cve-26855, Exploits and vulnerabilities, log4shell, microsoft exchange server, ognl, proxylogon, proxyshell, zoho manageengine

Credit to Author: Pieter Arntz| Date: Fri, 29 Apr 2022 16:28:20 +0000

International cybersecurity authorities have published an overview of the most routinely exploited vulnerabilities of 2021.

The post The top 5 most routinely exploited vulnerabilities of 2021 appeared first on Malwarebytes Labs.

MalwareBytes Security

QNAP customers urged to disable AFP to protect against severe vulnerabilities

April 28, 2022 admin afpqnap, cve-2021-23121, cve-2021-23122, cve-2021-23125, cve-2022-0194, cvss, Exploits and vulnerabilities, MacOS, NAS, netatalk, synology, truenas, western digital

Credit to Author: Pieter Arntz| Date: Thu, 28 Apr 2022 14:28:10 +0000

NAS device vendors are dealing with several severe vulnerabilities in Netatalk, the open-source implemenation of AFP.

The post QNAP customers urged to disable AFP to protect against severe vulnerabilities appeared first on Malwarebytes Labs.

MalwareBytes Security

Lenovo issues fixes for laptop backdoors

April 21, 2022 admin backdoor, cve-2021-3970, cve-2021-3971, cve-2021-3972, Exploits and vulnerabilities, firmware, Lenovo, uefi

Credit to Author: Pieter Arntz| Date: Thu, 21 Apr 2022 15:11:05 +0000

Millions of Lenovo laptops were shipped with a backdoor that was intended for the manufacturing process only.

The post Lenovo issues fixes for laptop backdoors appeared first on Malwarebytes Labs.