Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Microsoft Patches 63 Vulnerabilities, 2 0-Days & 30 RCEs
September 14, 2022 Microsoft Patches 63 Vulnerabilities, 2 0-Days & 30 RCEs As part of September’s monthly security rollup updates, Microsoft has patched 2 actively exploited Zero-day and 30 remote code execution vulnerabilities. Overall, Microsoft has patched 63 vulnerabilities across Windows, Windows Server, Office, Azure, Visual studio, and other products. The Zero-Day Vulnerabilities CVE-2022-37969 (CVSS 3.1: 7.8,…
-
Threat Intelligence
Critical WordPress WPGateway premium plugin Actively Exploited 0-Day
September 14, 2022 Critical WordPress WPGateway premium plugin Actively Exploited 0-Day According to an advisory by WordFence, a critical privilege escalation 0-Day vulnerability affecting the “WPGateway” WordPress plugin was identified Actively Exploited in the Wild. The Vulnerability CVE-2022-3180 (CVSS 3.1: 9.8, Critical) – A critical privilege escalation vulnerability allows unauthenticated attackers to add a rogue user…
-
Threat Intelligence
HP Patches a Severe Vulnerability in Pre-Installed Support Assistant Tool
September 9, 2022 HP Patches a Severe Vulnerability in Pre-Installed Support Assistant Tool A recently discovered vulnerability in HP Support Assistant, a software that comes pre-installed on all HP laptops and desktop PCs, was publicly disclosed by HP in a security advisory. The Vulnerability: CVE-2022-38395 (CVSS score: 8.2) – A DLL hijacking vulnerability that occurs…
-
Threat Intelligence
QNAP Patches Zero-day Vulnerability Exploited by Deadbolt Ransomware
September 6, 2022 QNAP Patches Zero-day Vulnerability Exploited by Deadbolt Ransomware QNAP has issued a warning to customers of ongoing “DeadBolt” ransomware attacks that started on Saturday by exploiting a zero-day vulnerability in Photo Station. Affected Products QTS 5.0.1 Photo Station Fixed in 6.1.2 and later. QTS 5.0.0/4.5.x Photo Station Fixed in 6.0.22 and later.…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
September 4, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day. The updated version is 105.0.5195.102 for Windows, Mac and Linux. The 0-Day Vulnerability CVE-2022-3075, High severity -Insufficient data validation Vulnerability in Mojo. Successful exploitation of this vulnerability may lead to Remote Code…
-
Threat Intelligence
Google Patches 24 Chrome Vulnerabilities, 1 Critical RCE
August 31, 2022 Google Patches 24 Chrome Vulnerabilities, 1 Critical RCE Google has patched Critical Remote Code Execution vulnerability in Chrome. The newly released Chrome version 105.0.5195.52/53/54 for Windows, and 105.0.5195.52 for Mac and Linux addresses 24 vulnerabilities overall. The Critical Vulnerability CVE-2022-3038, Critical severity – Use after free Vulnerability in Network Service. Successful exploitation…
-
Threat Intelligence
Adobe Patches Acrobat 3 Critical ACEs
August 10, 2022 Adobe Patches Acrobat 3 Critical ACEs Adobe has released a serious security update for its Acrobat and Reader products, addressing 7 reported vulnerabilities, 3 of which might lead to arbitrary code execution attacks. In addition, Adobe released updates for the following products – Adobe Commerce, Illustrator, FrameMaker, Premiere Elements. The ACE Vulnerabilities CVE-2022-35665…
-
Threat Intelligence
HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products
August 10, 2022 HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products HP issued an announcement stating that vulnerabilities in the system BIOS of select HP PC models have been detected, which may lead to arbitrary code execution, privilege escalation, denial of service, and information leaking. HP is currently working on the…
-
Threat Intelligence
RARLAB Patches RCE in UnRAR
August 10, 2022 RARLAB Patches RCE in UnRAR RARLAB, the company that also develops WinRAR, has patched a remote code execution vulnerability in UnRAR (the Unix/Linux version of WinRAR). When a program or a victim user extracts an untrusted archive, the attacker has the ability to create files outside of the target extraction directory and execute…
-
Threat Intelligence
Microsoft Patches One 0-Days & 31 RCE Vulnerabilities
August 10, 2022 Microsoft Patches One 0-Days & 31 RCE Vulnerabilities As part of August’s monthly security rollup updates, Microsoft has patched one 0-Day and 31 Remote Code Execution vulnerabilities. Overall, Microsoft has patched 121 vulnerabilities across Windows, Azure, Active Directory, Hyper-V, Exchange, and others. The Zero-Day Vulnerability CVE-2022-34713 (CVSS 3.1: 7.2, High Severity) – Path…
-
Threat Intelligence
Google Patches 7 High-Severity Chrome Vulnerabilities
August 4, 2022 Google Patches 7 High-Severity Chrome Vulnerabilities Google has released Chrome version 104.0.5112.79 (Mac/Linux) and 104.0.5112.79/80/81 (Windows), patching 27 vulnerabilities, including 7 High-Severity ‘use-after-free’ vulnerabilities which may lead to remote code execution (RCE). The High-Severity Vulnerabilities CVE-2022-2603, High Severity – Use after free in Omnibox. CVE-2022-2604, High Severity – Use after free in…
-
Threat Intelligence
Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers
August 4, 2022 Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers Cisco has patched critical security vulnerabilities that allowed unauthenticated remote attackers to execute arbitrary code or commands and cause denial of service (DoS) conditions on vulnerable devices. The vulnerabilities were discovered in the web-based management interfaces and the web filter database update feature,…