Author: ContentCreator

Original release date: February 2, 2021 CISA is aware of a vulnerability in SonicWall Secure Mobile Access (SMA) 100 series products. SMA 100 series products provide an organization’s employees with remote access to internal resources. SonicWall security and engineering teams have confirmed a zero-day vulnerability that was reported by a third-party threat research team on… Read more

Enhanced Explosive RAT and Caterpillar tools are at the forefront of a global espionage campaign. Read more

Original release date: February 1, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info async-git_project — async-git The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag. 2021-01-26 7.5 CVE-2021-3190 MISC MISC MISC CONFIRM caret — caret A… Read more

The flaw in the free-source library could have been ported to multiple applications. Read more

Researchers allege that software used for downloading Android apps onto PCs and Macs has been compromised to install malware onto victim devices. Read more

The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites. Read more

Fuji Electric’s Tellus Lite V-Simulator and V-Server Lite can allow attackers to take advantage of operational technology (OT)-IT convergence on factory floors, at utility plants and more. Read more

Apple has made structural improvements in iOS 14 to block message-based, zero-click exploits. Read more

A phishing kit has been found running on at least 700 domains – and mimicking services via false SharePoint, OneDrive and Office 365 login portals. Read more

A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack. Read more