Author Archives: CSIRT

Adobe Patches Critical Code Execution Vulnerabilities in Several Products

By Eduard Kovacs. Adobe on Tuesday announced that it has patched a total of 10 vulnerabilities across its Acrobat and Reader, Connect, Commerce, and Campaign Standard products. Adobe has patched (https://helpx.adobe.com/security.html/security/security-bulletin.ug.html) four vulnerabilities in Acrobat and Reader for Windows and macOS. Two of the flaws, described as use-after-free and out-of-bounds issues, have been classified as critical and […]

Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws

Today is Microsoft’s October 2021 Patch Tuesday, and with it come fixes for four zero-day vulnerabilities and a total of 74 flaws. Microsoft has fixed 74 vulnerabilities (81 including Microsoft Edge) with today’s update, with three classified as Critical, 70 as Important, and one as Low. These 81 vulnerabilities (including Microsoft Edge) are classified as: 21 […]

Iranian Hackers Abuse Dropbox in Cyberattacks Against Aerospace and Telecom Firms

Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing […]

Apache Warns of Zero-Day Exploit in the Wild — Patch Your Web Servers Now!

Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. “A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack […]

Fortinet, Shopify and more report issues after root CA certificate from Let’s Encrypt expires

By Jonathan Greig. A number of websites and services reported issues on Thursday thanks to the expiration of a root certificate provided by Let’s Encrypt, one of the largest providers of HTTPS certificates. At around 10 am ET, IdenTrust DST Root CA X3 expired according to Scott Helme, founder of Security Headers. He has been tracking […]