Adobe Releases Security Updates for Acrobat and Reader

Original release date: November 4, 2020Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of…

Comments Off on Adobe Releases Security Updates for Acrobat and Reader

Google Releases Security Updates for Chrome, CVE-2020-16009

Original release date: November 3, 2020Google has released Chrome version 86.0.4240.183 for Windows, Mac, and Linux addressing multiple vulnerabilities, including vulnerability CVE-2020-16009. Exploit code for this vulnerability exists in the…

Comments Off on Google Releases Security Updates for Chrome, CVE-2020-16009

Vulnerability Summary for the Week of October 26, 2020

Original release date: November 2, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of October 26, 2020

Oracle Releases Out-of-Band Security Alert

Original release date: November 2, 2020Oracle has released an out-of-band security alert to address a remote code execution vulnerability—CVE-2020-14750—in Oracle WebLogic Server. A remote attacker can exploit this vulnerability to…

Comments Off on Oracle Releases Out-of-Band Security Alert

Microsoft Warns of Continued Exploitation of CVE-2020-1472

Original release date: October 29, 2020Microsoft has released a blog post on cyber threat actors exploiting CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit…

Comments Off on Microsoft Warns of Continued Exploitation of CVE-2020-1472

AR20-303B: MAR-10310246-1.v1 – ZEBROCY Backdoor

Original release date: October 29, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off on AR20-303B: MAR-10310246-1.v1 – ZEBROCY Backdoor

CISA and CNMF Identify a New Malware Variant: Zebrocy

Original release date: October 29, 2020Content: The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware variant—referred to…

Comments Off on CISA and CNMF Identify a New Malware Variant: Zebrocy

CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

Original release date: October 29, 2020The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense Cyber National Mission Force (CNMF) have identified…

Comments Off on CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT