Security Bulletin

SecurityWeek reports that numerous security vulnerabilities impacting Mozilla Firefox and Thunderbird have been addressed in new updates.

U.S. cybersecurity startup SimSpace has landed a $45 million investment.

A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users.

The text messages threaten fines if the victims don't provide personal and financial details.

Cybercriminals are increasingly using AI tools to launch successful attacks, but defenders are battling back.

No good deed goes unpunished, as a national push to combat SIM fraud has introduced new logistical and privacy issues for ordinary citizens.

Building out our security cloud vision, Cisco announces its intent to acquire Isovalent. Together we will create a unique multicloud security and networking capability to help customers accelerate their digital transformation.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: QNAP Equipment: VioStor NVR Vulnerability: OS Command Injection 2. RISK EVALUATION...

CISA released two Industrial Control Systems (ICS) advisories on December 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-355-01 FXC AE1021/AE1021PE ICSA-23...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: FXC Equipment: AE1021, AE1021PE Vulnerability: OS Command Injection 2. RISK EVALUATION...

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-49897 FXC AE1021, AE1021PE OS Command Injection Vulnerability CVE-2023-47565 QNAP VioStor NVR OS Command...

CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 (M365) cloud services. This guidance release is accompanied by the updated SCuBAGear tool...