BrakTooth

A set of latest safety vulnerabilities has been disclosed in business Bluetooth stacks that would allow an adversary to execute arbitrary code and, worse, crash the gadgets through denial-of-service (DoS) assaults. Collectively dubbed “BrakTooth” (referring to the Norwegian phrase “Brak” which interprets to “crash”), the 16 safety weaknesses span throughout 13 Bluetooth chipsets from 11 […]

QNAP OpenSSL

Community-attached storage (NAS) equipment maker QNAP mentioned it is currently investigating two just lately patched safety flaws in OpenSSL to find out their potential affect, including it’ll launch safety updates ought to its merchandise change into susceptible. Tracked as CVE-2021-3711 (CVSS rating: 7.5) and CVE-2021-3712 (CVSS rating: 4.4), the weaknesses concern a high-severity buffer overflow […]

Kaseya

U.S. expertise agency Kaseya has released safety patches to deal with two zero-day vulnerabilities affecting its Unitrends enterprise backup and continuity resolution that might lead to privilege escalation and authenticated distant code execution. The 2 weaknesses are a part of a trio of vulnerabilities found and reported by researchers on the Dutch Institute for Vulnerability […]

VMware

VMware on Wednesday shipped security updates to handle vulnerabilities in a number of merchandise that could possibly be probably exploited by an attacker to take management of an affected system. The six safety weaknesses (from CVE-2021-22022 by way of CVE-2021-22027, CVSS scores: 4.4 – 8.6) have an effect on VMware vRealize Operations (previous to model […]

ProxyShell Flaws

The U.S. Cybersecurity and Infrastructure Safety Company is warning of energetic exploitation makes an attempt that leverage the most recent line of “ProxyShell” Microsoft Change vulnerabilities that have been patched earlier this Could, together with deploying LockFile ransomware on compromised methods. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, the vulnerabilities allow adversaries to bypass ACL controls, […]

Realtek Wi-Fi

Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software program improvement kits (SDKs) accompanying its WiFi modules, that are utilized in virtually 200 IoT units made by at the least 65 distributors. The issues, which have an effect on Realtek SDK v2.x, Realtek “Jungle” SDK v3.0/v3.1/v3.2/v3.4.x/v3.4T/v3.4T-CT, and Realtek “Luna” SDK as […]

Safety researchers have disclosed as many as 40 completely different vulnerabilities related to an opportunistic encryption mechanism in mail purchasers and servers that would open the door to focused man-in-the-middle (MitM) assaults, allowing an intruder to forge mailbox content material and steal credentials. The now-patched flaws, recognized in varied STARTTLS implementations, have been detailed by […]