Apple and Google have released several software updates to protect against a hacking campaign targeting an unknown number of their users.
On Wednesday, Google released patches for a handful of security bugs in its Chrome browser, noting that one of the bugs was being actively exploited by hackers before the company had time to patch it. Unusually for Google, the company provided no further details at the time.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CISA gives federal agencies until Friday to patch Exchange servers
April 13, 2021
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. Today, Microsoft released security updates for four Microsoft Exchange vulnerabilities discovered by the NSA. These Exchange vulnerabilities are capable of remote code execution, with two vulnerabilities not requiring attackers to authenticate first. Read more… Source: Bleeping Computer Related story: ...
- Critical security alert: If you haven’t patched old Fortinet VPN vulnerability, assume your network is compromised
April 12, 2021
Cyber criminals and nation-state cyber-espionage operations are actively scanning for unpatched vulnerabilities in Fortinet VPNs; organisations that use Fortigate firewalls on their network, and have yet to apply a critical security update released almost two years ago, should assume they’ve been compromised and act accordingly. The alert from the National Cyber Security Centre (NCSC) follows a ...
- VMware patches critical vRealize Operations platform vulnerabilities
March 31, 2021
VMware has patched a pair of severe vulnerabilities that could lead to the theft of administrator credentials in vRealize. vRealize Operations is described as an artificial intelligence (AI)-based platform that provides “self-driving IT operations management for private, hybrid, and multi-cloud environments.” On Tuesday, the software vendor published a security advisory for the security flaws which impact VMware ...
- Newly-Discovered Vulnerabilities Could Allow for Bypass of Spectre Mitigations in Linux
March 29, 2021
Two new vulnerabilities have been patched in the Linux kernel which, if exploited, could bypass existing mitigations for the Spectre vulnerabilities. The vulnerabilities were discovered by Piotr Krysiuk, a researcher on Symantec’s Threat Hunter team, who reported them to the Linux kernel security team. If left unpatched, the vulnerabilities mean that existing Spectre protections will ...
- Apple releases emergency update for iPhones, iPads, and Apple Watch
March 27, 2021
Apple has released an emergency update to patch a serious vulnerability (https://support.apple.com/en-us/HT212258) found in iOS, iPadOS, and watchOS. The patches are iOS 14.4.2, iPadOS 14.4.2, and watchOS 7.3.3, respectively. The vulnerability, discovered by Google’s Threat Analysis Group, affects Apple’s WebKit browser engine, and what makes this an urgent update is the fact that the Apple claims that ...
- Cisco Plugs Security Hole in Small Business Routers
March 17, 2021
A popular line of small business routers made by Cisco Systems are vulnerable to a high-severity vulnerability. If exploited, the flaw could allow a remote – albeit authenticated – attacker to execute code or restart affected devices unexpectedly. Cisco issued fixes on Wednesday for the flaw in its RV132W ADSL2+ Wireless-N VPN routers and RV134W VDSL2 ...