Categoria: Vulnerabilities

Cisco Patches Critical Vulnerability in Contact Center Products

Cisco on Wednesday announced patches for a critical vulnerability in Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM) that could be exploited remotely to elevate privileges to administrator.

ZDI Announces Rules and Prizes for Pwn2Own 2022

Trend Micro’s Zero Day Initiative (ZDI) on Wednesday announced the targets, prizes and rules for Pwn2Own Vancouver 2022, scheduled to take place May 18-20 alongside the CanSecWest conference.

Apple Patches iOS HomeKit Flaw After Researcher Warning

Apple has released an iOS security update with a fix for a persistent denial-of-service flaw in the HomeKit software framework but only after an independent researcher publicly criticized the company for ignoring his discovery.

Mozilla Patches High-Risk Firefox, Thunderbird Security Flaws

Mozilla has released Firefox 96 with patches for 18 security vulnerabilities affecting its flagship web browser and the Thunderbird mail program.

Of the newly patched security flaws, nine are rated high-severity while six carry a “medium-severity” rating.

Security Validation Firm Pentera Raises $150 Million at $1 Billion Valuation

Automated security validation firm has now raised nearly $190 million in funding

Boston, USA and Tel Aviv, Israel-based automated security validation (ASV) firm Pentera has raised $150 million in a Series C funding round led by K1 Investment Management, with participation from Evolution Equity Partners and Insight Partners.

Microsoft Introduces New Security Update Notifications

Microsoft this week announced updated notifications for the Security Update Guide, the page where the tech company informs users of vulnerabilities that affect Microsoft products.

ICS Patch Tuesday: Siemens, Schneider Electric Address 40 Vulnerabilities

The first round of security advisories released by Siemens and Schneider Electric in 2022 address a total of 40 vulnerabilities.

Siemens

CISA Adds 15 Recent and Older Vulnerabilities to ‘Must-Patch’ List

The United States Cybersecurity and Infrastructure Security Agency (CISA) this week added 15 more vulnerabilities to its list of security bugs known to be exploited in malicious attacks.

U.S. Issues Fresh Warning Over Russian Cyber Threats as Ukraine Tensions Mount

Several U.S. government agencies have issued a joint cybersecurity advisory to provide an overview of cyber operations linked to Russia. The advisory comes as tensions mount over a potential Russian invasion of Ukraine.

SAP Patches Log4Shell Vulnerability in More Applications

German software maker SAP this week announced its first set of security updates for 2022, including patches for more applications affected by the Log4Shell vulnerability.