AgeLocker Ransomware targeting QNAP network-attached storage (NAS) devices have been used by attackers to encrypt user data and demand a ransom. It has been found after research that no unpatched vulnerability was found to be exploited in the use of AgeLocker ransomware attack, whereas all the known affected QNAP NAS Devices are running older unpatched […]

Read More →

Microsoft has released September Patch Tuesday security updates with a total release of 129 vulnerabilities, In which 23 are classified as Critical with Remote Code Execution(RCE) 105 are classified as important and 1 is classified as moderate that reside in the Microsoft Windows, Microsoft Exchange Server, Internet Explorer (IE), Microsoft Edge (EdgeHTML-based and Chromium-based in […]

Read More →

Cisco has released a Security Advisory for the actively exploited worldwide CVE-2020-3452. Cisco Read-Only Path Traversal Vulnerability in the web services interface of Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to perform directory traversal attacks & read sensitive files on the system. Rapid 7 Researchers found […]

Read More →

Microsoft has released patches to fix two remote code execution vulnerabilities in Microsoft Windows Codecs Library. HEVC or Windows codecs library is responsible for handling large media files and decoding them for playback. HEVC is used by developers as it supports a multitude of different file formats. This Windows Extension is designed to take advantage […]

Read More →

Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded systems. A set of 19 critical and high-severity security vulnerabilities have been discovered by Israeli security research firm JSOF in a low-level TCP/IP software library developed by Treck. Dubbed “Ripple20“, affecting hundreds of millions of internet of things (IoT) and industrial control devices. If […]

Read More →

The Server Message Block Protocol (SMB protocol) which runs over TCP port 445 is a client-server communication protocol used for sharing access to files, printers, network browsing, and inter-process communication over a network. Security researchers from ZecOps have discovered a new critical vulnerability ‘SMBleed’ affecting the Server Message Block (SMB) protocol that could allow attackers to […]

Read More →

The SAP Adaptive Server Enterprise (ASE), previously known as Sybase SQL Server, is a high-performance relational database server that can be hosted on-premise or cloud structure that is used by over 30,000 organizations worldwide, including banking institutions, healthcare companies, security firms, according to SAP marketing materials. In May, SAP released a security update fixing several […]

Read More →

Apple released security updates for multiple products. A total of 59 vulnerabilities were addressed. The exploitation of some of these security flaws could allow an attacker to take control of an affected system. The update for macOS includes fixes for 48 vulnerabilities which could allow an attacker to execute arbitrary code with kernel privileges, cause […]

Read More →

Adobe had released security updates providing fixes for 16 critical vulnerabilities in Adobe Acrobat, Reader, and Adobe DNG Software Development Kit. A total of 36 security bugs were patched in this release. The critical vulnerabilities could allow the attackers to execute arbitrary code or bypass the target machine’s security features. These flaws affect Windows and […]

Read More →

  Although its not a Patch Tuesday, Adobe has released some of the emergency security updates to its products like Adobe Bridge, Illustrator, and Magento. So its time for all the users of these applications to be heedful. The software giant has announced the release of patches to its products in order to patch multiple […]

Read More →