AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on…

Comments Off on AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Vulnerability Summary for the Week of July 12, 2021

Original release date: July 19, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info echobh -- sharecare Echo ShareCare 8.15.5 is susceptible to SQL…

Comments Off on Vulnerability Summary for the Week of July 12, 2021

SAP Releases July 2021 Security Updates

Original release date: July 13, 2021SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected…

Comments Off on SAP Releases July 2021 Security Updates

CISA Issues Emergency Directive on Microsoft Windows Print Spooler

Original release date: July 13, 2021CISA has issued Emergency Directive (ED) 21-04: Mitigate Windows Print Spooler Service Vulnerability addressing CVE-2021-34527. Attackers can exploit this vulnerability to remotely execute code with system…

Comments Off on CISA Issues Emergency Directive on Microsoft Windows Print Spooler

Microsoft Releases July 2021 Security Updates

Original release date: July 13, 2021Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an…

Comments Off on Microsoft Releases July 2021 Security Updates

Critical ForgeRock Access Management Vulnerability

Original release date: July 12, 2021Malicious cyber actors are actively exploiting a pre-authorization remote code execution vulnerability (CVE-2021-35464) in ForgeRock Access Management—a commercial open access management solution that is based…

Comments Off on Critical ForgeRock Access Management Vulnerability