Category: alerts

Original release date: February 4, 2021 Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates. For updates addressing lower severity vulnerabilities, see… Read more

The vulnerabilities exist in Cisco’s RV160, RV160W, RV260, RV260P, and RV260W VPN routers for small businesses. Read more

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. Read more

Researchers warn that the Hildegard malware is part of ‘one of the most complicated attacks targeting Kubernetes.’ Read more

The by-now infamous company has issued patches for three security vulnerabilities in total. Read more

The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters. Read more

Original release date: February 2, 2021 Apple has released security updates to address vulnerabilities in macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the… Read more

Original release date: February 2, 2021 Sudo has released an advisory addressing a heap-based buffer overflow vulnerability—CVE-2021-3156—affecting sudo legacy versions 1.8.2 through 1.8.31p2 and stable versions 1.9.0 through 1.9.5p1. Sudo is a utility included in many Unix- and Linux-based operating systems that allows a user to run programs with the security privileges of another user.… Read more

Original release date: February 2, 2021 CISA is aware of a vulnerability in SonicWall Secure Mobile Access (SMA) 100 series products. SMA 100 series products provide an organization’s employees with remote access to internal resources. SonicWall security and engineering teams have confirmed a zero-day vulnerability that was reported by a third-party threat research team on… Read more

Enhanced Explosive RAT and Caterpillar tools are at the forefront of a global espionage campaign. Read more