Current Activity

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation

Original release date: December 10, 2021The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote…

Comments Off

December 10, 2021

Current Activity

CISA Releases Security Advisory for Hillrom Welch Allyn Cardiology Products

Original release date: December 10, 2021CISA has released an Industrial Controls Systems Medical Advisory (ICSMA) detailing a vulnerability in multiple Hillrom Welch Allyn cardiology products. An attacker could exploit this…

Comments Off

December 10, 2021

Current Activity

Cisco Releases Security Advisory for Multiple Products Affected by Apache HTTP Server Vulnerabilities

Original release date: December 9, 2021Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote…

Comments Off

December 9, 2021

Current Activity

CISA Releases Guidance on Protecting Organization-Run Social Media Accounts

Original release date: December 9, 2021CISA has released Capacity Enhancement Guide (CEG): Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber…

Comments Off

December 9, 2021

Current Activity

SonicWall Releases Security Advisory for SMA 100 Series Appliances

Original release date: December 8, 2021SonicWall has released a security advisory to address vulnerabilities affecting SonicWall Secure Mobile Access (SMA) 100 series appliances. A remote attacker could exploit these vulnerabilities…

Comments Off

December 8, 2021

Current Activity

Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

Original release date: December 6, 2021Zoho has released a security advisory to address an authentication bypass vulnerability in ManageEngine Desktop Central and Desktop Central MSP. An attacker could exploit this…

Comments Off

December 6, 2021

Current Activity

CISA Releases Security Advisory on WebHMI Vulnerabilities

Original release date: December 6, 2021CISA has released an Industrial Controls Systems (ICS) advisory detailing vulnerabilities in Distributed Data Systems WebHMI products. A remote attacker could exploit these vulnerabilities to…

Comments Off

December 6, 2021

Current Activity

CISA and FBI Release Alert on Active Exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Original release date: December 2, 2021CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory identifying active exploitation of a vulnerability—CVE-2021-44077—in Zoho ManageEngine ServiceDesk Plus. CVE-2021-44077 is…

Comments Off

December 3, 2021

Current Activity

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

Original release date: December 2, 2021CISA has announced the joint National Security Agency (NSA) and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part…

Comments Off

December 3, 2021

Current Activity

Mozilla Releases Security Updates for Network Security Services

Original release date: December 2, 2021Mozilla has released security updates to address a vulnerability in Network Security Services (NSS). An attacker could exploit this vulnerability to take control of an…

Comments Off

December 3, 2021