PrintNightmare, Critical Windows Print Spooler Vulnerability

Original release date: June 30, 2021The CERT Coordination Center (CERT/CC) has released a VulNote for a critical remote code execution vulnerability in the Windows Print spooler service, noting: “while Microsoft…

Comments Off on PrintNightmare, Critical Windows Print Spooler Vulnerability

CISA’s CSET Tool Sets Sights on Ransomware Threat

Original release date: June 30, 2021CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that…

Comments Off on CISA’s CSET Tool Sets Sights on Ransomware Threat

CISA Begins Cataloging Bad Practices that Increase Cyber Risk

Original release date: June 29, 2021In a blog post by Executive Assistant Director (EAD) Eric Goldstein, CISA announced  the creation of a catalog to document bad cybersecurity practices that are exceptionally risky…

Comments Off on CISA Begins Cataloging Bad Practices that Increase Cyber Risk

Vulnerability Summary for the Week of June 21, 2021

Original release date: June 28, 2021 High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapache -- nuttxApache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc…

Comments Off on Vulnerability Summary for the Week of June 21, 2021

Citrix Releases Security Updates for Hypervisor

Original release date: June 25, 2021Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and…

Comments Off on Citrix Releases Security Updates for Hypervisor

VMware Releases Security Updates

Original release date: June 23, 2021VMware has released security updates to address vulnerabilities in the VMware Carbon Black App Control management server as well as VMware Tools for Windows, VMware…

Comments Off on VMware Releases Security Updates

Vulnerability Summary for the Week of June 14, 2021

Original release date: June 21, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info bloofox -- bloofoxcms bloofoxCMS 0.5.2.1 is infected with Unrestricted File…

Comments Off on Vulnerability Summary for the Week of June 14, 2021

Apple Releases Security Updates for iOS 12.5.4

Original release date: June 15, 2021Apple has released security updates to address vulnerabilities in iOS 12.5.4. An attacker could exploit these vulnerabilities to take control of an affected system. CISA…

Comments Off on Apple Releases Security Updates for iOS 12.5.4

CISA Releases Advisory on ZOLL Defibrillator Dashboard

Original release date: June 14, 2021CISA has released an Industrial Controls Systems (ICS) Medical Advisory on multiple vulnerabilities in the ZOLL Defibrillator Dashboard. A remote attacker could exploit some of…

Comments Off on CISA Releases Advisory on ZOLL Defibrillator Dashboard

Vulnerability Summary for the Week of June 7, 2021

Original release date: June 14, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info aomedia -- aomedia aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24…

Comments Off on Vulnerability Summary for the Week of June 7, 2021