Alerts

Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.

Cybersecurity Architecture
Microsoft fixes 2 zero-days on December 2022 Patch Tuesday
Microsoft fixes 2 zero-days on December 2022 Patch Tuesday

14 Dec 2022

On 13thDecember 2022 was the December Patch Tuesday, and 2 zero-day vulnerabilities and 49 flaws were fixed.

Read More
Flaws in Cisco Secure Email Gateway
Flaws in Cisco Secure Email Gateway

6 Dec 2022

Cisco Systems Inc. has  issued a bug report on alerting the public about a flaw in the Sophos and McAfee scanning engines of the Cisco Secure Email Gateway. This vulnerability might be exploited by an unauthenticated, remote attacker to bypass specific filtering features.

Read More
Google releases an urgent Chrome upgrade
Google releases an urgent Chrome upgrade

29 Nov 2022

In order to patch the eight zero-day vulnerabilities in its Chrome web browser, Google released software updates on 24thNovember 2022.

Read More
Active Exploitations in Cisco AnyConnect VPN Vulnerabilities
Active Exploitations in Cisco AnyConnect VPN Vulnerabilities

24 Nov 2022

Threat actors are reportedly using the Cisco AnyConnect Secure Mobility Client for Windows’ vulnerabilities, CVE-2020-3433 and CVE-2020-3153, in the field. These flaws give the attacker access to the system folders of the affected Windows machines and the ability to copy files there with system privileges.

Read More
Multiple vulnerabilities in Fortinet products
Multiple vulnerabilities in Fortinet products

15 Nov 2022

Security researchers at Horizon3 reported on 13thOctober 2022, that the critical vulnerability, designated CVE-2022-40684, affecting a number of Fortinet products (FortiOS, FortiProxy, and FortiSwitchManager), had been successfully reproduced and exploited. The researchers published a thorough technical study and a functioning proof-of-concept (PoC) exploit code for the vulnerability.

Read More
Vulnerabilities in Abode Systems home security kit
Vulnerabilities in Abode Systems home security kit

3 Nov 2022

The iota All-In-One Security Kit from Abode Systems Inc. was found to have numerous vulnerabilities. On October 20, 2022 Cisco Talos Intelligence Group published an advisory mentioning about the vulnerabilities. The Abode system detects and notifies consumers of unlawful movement in their homes using geofencing, application control, and a security camera. Similar to smart home technologies like Alexa, Google Home, and Apple HomeKit, it operates through a smartphone app.

Read More
vm2 Sandbox Vulnerability allows RCE
vm2 Sandbox Vulnerability allows RCE

18 Oct 2022

Recently, it was discovered that VM2, a widely used JavaScript sandbox library, contained the “Sandbreak” critical-severity remote code execution (RCE) vulnerability. The vulnerability is tracked as CVE-2022-36067 has a CVSS rating of 10.

Read More
Zero-Day RCE Vulnerability in Sophos Firewall
Zero-Day RCE Vulnerability in Sophos Firewall

4 Oct 2022

Sophos Group plc the British based security software and hardware company released a security advisory fixing a critical vulnerability.

Read More
Apple Vulnerabilities added to CISA Catalog
Apple Vulnerabilities added to CISA Catalog

27 Sep 2022

US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory a security update of Apple Inc. The advisory said to address the vulnerability in iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).  The vulnerabilities were reported by an anonymous researcher.

Read More
VMware Patches Privilege Escalation affecting VMware Tools
VMware Patches Privilege Escalation affecting VMware Tools

13 Sep 2022

VMware published a security advisory addressing an important-severity vulnerability on August 23, 2022. The vulnerability, identified asCVE-2022-31676, has a CVSS vulnerability severity rating of 7.0.

Read More
Google Patch Sixth Zero-day
Google Patch Sixth Zero-day

8 Sep 2022

Google issued a critical security update for Google Chrome version 105.0.5195.102 for Windows, Mac, and Linux on September 02, 2022. In response to a researcher finding and tracking the high-severity zero-day vulnerabilityCVE-2022-3075, Google released this urgent security patch. According to Google, this is the sixth Chrome zero-day vulnerability of 2022 that has been fixed.

Read More
Multiple Vulnerabilities in GitLab CE and EE are Fixed by GitLab
Multiple Vulnerabilities in GitLab CE and EE are Fixed by GitLab

6 Sep 2022

GitLab published a security advisory on August 30, 2022, to remedy a critical security flaw that has been recorded as CVE-2022-2992 (with a CVSS score of 9.9) GitLab Community Edition (CE) and Enterprise Edition (EE) are impacted by this security flaw. The vulnerability was found and reported to HackerOne’s bug bounty program by security researcher called Vakzz.

Read More