May 2021

Have Unpatched Systems Become the Biggest Security Liability? Have Unpatched Systems Become the Biggest Security Liability? Breaches due to unpatched systems are big news these days. Six weeks after Microsoft issued a patch for Exchange server, almost 10% of enterprises...

Linux Vulnerabilities of the Week: May 24, 2021 1. A heap-based buffer overflow in libxml2 (<9.11) Severity: Important    CVSS Score: 8.6 There is a vulnerability in the XML entity encoding functionality of libxml2. which allows an attacker who supplied a...

What We Can Learn From the Colonial Pipeline Ransomware Attack What We Can Learn from the Colonial Pipeline Ransomware Attack The DarkSide hacking group successfully infiltrated the systems of the Colonial Pipeline, locked IT out, and demanded ransom. This shut...

Linux Vulnerabilities of the Week: May 17, 2021 1. A Linux kernel (<11.9) use-after-free flaw in drivers/vhost/vdpa.c Severity: Important    CVSS Score: 7.8 This is a vulnerability in the Linux kernel. An invalid value upon reopening a character device can cause...

Facebook Hack Makes Vulnerability Scanning More Important Than Ever Facebook Data Breach Impacts Billions of Users A recent data breach compromised the data and personal information of more than half a billion Facebook users. If your name or your company...

Watch Out for Microsoft End-of-Life Announcements The Risks of Legacy OS Aging operating systems (OSes), browsers, and applications can bring plenty of trouble for the enterprise. And with Microsoft providing so much software to the world, its end-of-life announcements can...

Google Chrome Vulnerability Being Weaponized Chrome Zero-Day Is Currently Weaponized Google has released Chrome_v9 90.0.4430.212 today to the Stable Channel and is impacting Windows, Linux and Mac OS, fixing a total of 43 vulnerabilities. So far this year, Google released...

May Patch Tuesday 2021 Fixes 55 Vulnerabilities Patch Tuesday Addresses 55 New Flaws, Including Public Aware Threats There are 2 Critical, 50 Important and 1 Moderate fixes this month for Microsoft Windows, .NET Core and Visual Studio, Internet Explorer (IE),...

Linux Vulnerabilities of the Week: May 10, 2021 1. Resource exhaustion because of receiving an invalid large TLS frame in Eclipse Jetty Severity: Important    CVSS Score: 7.5 This is a vulnerability in Eclipse Jetty. When using SSL/TLS with Jetty, the...

DarkSide Ransomware Targets US Critical Infrastructure DarkSide Ransomware Behind Colonial Pipeline Hack Colonial Pipeline provides 45% of the fuel supply of the eastern seaboard of the USA. Early Saturday, reports surfaced that the Oil and Gas behemoth had temporarily stopped...