CVE-2022-27511, CVE-2022-27512: Patches for Two Citrix Application Delivery Management Vulnerabilities
June 17, 2022Citrix patches a “nasty bug” in its Application Delivery Management solution that is difficult to exploit.
Microsoft’s June 2022 Patch Tuesday Addresses 55 CVEs (CVE-2022-30190)
June 14, 2022Microsoft addresses 55 CVEs in its June 2022 Patch Tuesday release, including three critical flaws.
CVE-2022-26134: Zero-Day Vulnerability in Atlassian Confluence Server and Data Center Exploited in the Wild
June 3, 2022A critical vulnerability in Atlassian Confluence Server and Data Center has been exploited in the wild by multiple threat actors. Organizations should review and implement mitigation guidance until a patch becomes available.
CVE-2022-30190: Zero Click Zero Day in Microsoft Support Diagnostic Tool Exploited in the Wild
May 31, 2022Microsoft confirms remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool that has been exploited in the wild since at least April.
Twitter Crypto Scams: Bored Ape Yacht Club, Azuki and Other Projects Impersonated to Steal NFTs, Digital Currencies
May 26, 2022Scammers are using verified and unverified accounts to impersonate notable NFT projects like Bored Ape Yacht Club and others, tagging Twitter users to drive them to phishing websites.
CVE-2022-22972: VMware Patches Additional Workspace ONE Access Vulnerabilities (VMSA-2022-0014)
May 18, 2022Organizations and government agencies are strongly advised to patch two newly disclosed vulnerabilities in VMware products, following warnings from VMware and the Cybersecurity and Infrastructure Security Agency.
Microsoft’s May 2022 Patch Tuesday Addresses 73 CVEs (CVE-2022-26925)
May 10, 2022Microsoft addresses 73 CVEs in its May 2022 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild.
CVE-2022-1388: Authentication Bypass in F5 BIG-IP
May 5, 2022CVE-2022-1388: Authentication Bypass in F5 BIG-IP F5 patched an authentication bypass in its BIG-IP product family that could lead to arbitrary command execution. This vulnerability is actively...
Hot Patches for Log4Shell Introduced Multiple Vulnerabilities in Amazon Web Services
April 21, 2022Hot Patches for Log4Shell Introduced Multiple Vulnerabilities in Amazon Web Services Amazon Web Services has addressed vulnerabilities introduced by the hot patches released in response to the ...
Oracle April 2022 Critical Patch Update Addresses 221 CVEs
April 20, 2022Oracle addresses 221 CVEs in its second quarterly update of 2022 with 520 patches, including 27 critical updates.
Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)
April 12, 2022Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521) Microsoft addresses 117 CVEs in its April 2022 Patch Tuesday release, including two zero-day vulnerabilities, one of whi...
VMware Patches Multiple Vulnerabilities in Workspace ONE, Identity and Lifecycle Manager and vRealize (VMSA-2022-0011)
April 7, 2022VMware cautions organizations to patch or mitigate several serious vulnerabilities across multiple products.