Tripwire Patch Priority Index for August 2022

Tripwire’s August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Outlook, and Excel that resolve 4 vulnerabilities, including denial of service, remote code execution, and security feature bypass. Up next are patches that affect components of the Windows operating […]

Continue Reading

Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution

Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Update (Aug. 3, 2022): Talos disclosed two new vulnerabilities in the Alyac antivirus software and added their details to this post. Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilities in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition […]

Continue Reading

Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution

Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Update (Aug. 3, 2022): Talos disclosed two new vulnerabilities in the Alyac antivirus software and added their details to this post. Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilities in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition […]

Continue Reading

Top CVE Trends — And What You Can Do About Them

Cybersecurity awareness, protection, and prevention is all-encompassing. In addition to implementing the right tools and resources, and hiring skilled professionals with the right cybersecurity education and experience, organizations should be aware of the latest CVEs. What Is a CVE? The acronym “CVE” stands for Common Vulnerabilities and Exposures, and it refers to known computer security […]

Continue Reading

Vulnerability Spotlight: Vulnerabilities in Open Automation Software Platform could lead to information disclosure, denial of service

Jared Rittle of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered eight vulnerabilities in the Open Automation Software Platform that could allow an adversary to carry out a variety of malicious actions, including improperly authenticating into… [[ This is only the beginning! Please visit the blog for the complete entry […]

Continue Reading

Vulnerability Spotlight: Vulnerabilities in Open Automation Software Platform could lead to information disclosure, denial of service

Jared Rittle of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered eight vulnerabilities in the Open Automation Software Platform that could allow an adversary to carry out a variety of malicious actions, including improperly authenticating into… [[ This is only the beginning! Please visit the blog for the complete entry […]

Continue Reading

Prioritize patching vulnerabilities associated with ransomware

A threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in January 2022. In the last quarter, ransomware attacks have made mainstream headlines on a near-daily basis, with groups like Lapsus$ and Conti’s names splashed across the page. Major organizations like […]

Continue Reading

Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Francesco Benvenuto and Jon Munshaw.  Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a… [[ This is only the beginning! Please visit the blog for the complete entry ]]

Continue Reading

Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Francesco Benvenuto and Jon Munshaw.  Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a… [[ This is only the beginning! Please visit the blog for the complete entry ]]

Continue Reading