Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
Category: alerts
Cyber Security Monitor Alerts News Notifications. We monitor and send notifications on the latest Cyber Security alerts, blogs, news on data breaches and emerging cyber threats.
Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites.
Original release date: November 12, 2021
VMware has released a security update to address a vulnerability in Tanzu Application Service for VMs. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.
CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0026 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: November 12, 2021
CISA has released an Industrial Control Systems Advisory (ICSA) related to a public report detailing vulnerabilities found in multiple open-source and proprietary Object Management Group (OMG) Data-Distribution Service (DDS) implementations. Successful exploitation of these vulnerabilities could result in denial-of-service or buffer-overflow conditions, which may lead to remote code execution or information exposure.
CISA encourages users and administrators to review ICSA-21-315-02: Multiple Data Distribution Service (DDS) Implementations and apply the necessary updates as quickly as possible.
This product is provided subject to this Notification and this Privacy & Use policy.
BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities.
Original release date: November 12, 2021
Palo Alto Networks has released security updates to address a vulnerability affecting PAN-OS firewall configurations with GlobalProtect portal and gateway interfaces. These updates address a vulnerability that only affects old versions of PAN-OS (8.1.16 and earlier). An unauthenticated attacker with network access could exploit this vulnerability to take control of an affected system.
CISA encourages users and administrators to review Palo Alto Security Advisory for CVE-2021-3064 and apply the necessary updates or workarounds.
This product is provided subject to this Notification and this Privacy & Use policy.
Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices.
Categories
VMware Releases Security Advisory
Original release date: November 11, 2021
VMware has released a security advisory to address a privilege escalation vulnerability in vCenter Server and Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system.
CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0025 and apply the necessary workaround. Â
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: November 11, 2021
Apple has released a security update to address multiple vulnerabilities in iCloud for Windows 13. An attacker could exploit these vulnerabilities to take control of an affected system. Â
CISA encourages users and administrators to review the Apple security page and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances.