Alerts

Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.

Cybersecurity Architecture
Critical Vulnerability in Realtek Devices Affects Millions of Devices
Critical Vulnerability in Realtek Devices Affects Millions of Devices

29 Aug 2022

A critical vulnerability tracked asCVE-2022-27255was reported to be affecting the network devices of Realtek’s SDK system.

Read More
Apple releases fix zero-day vulnerabilities used in attacks
Apple releases fix zero-day vulnerabilities used in attacks

26 Aug 2022

On 18thAugust 2022 Apple Inc. released a security update for a zero-day vulnerability exploited in Safari 15.6.1 for macOS Big Sur and Catalina to hack Macs.

Read More
Microsoft August 2022 Patch Tuesday
Microsoft August 2022 Patch Tuesday

10 Aug 2022

Microsoft August 2022 Patch Tuesday (9th August 2022) released patches for 2 zero-day vulnerabilities and 121 vulnerabilities.

Read More
Django release patches for SQL Injection Vulnerability
Django release patches for SQL Injection Vulnerability

2 Aug 2022

A security advisory was released by Django project on a high severity SQL (structured query language ) Injection vulnerability. The vulnerability is tracked asCVE-2022-34265and affect Django’s main branch and versions 4.1, 4.0, and 3.2.

Read More
VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

1 Aug 2022

VMware finally released patch after eight months of disclosing the high severity vulnerability in VMware vCenter Server’s Integrated Windows Authentication (IWA) authentication mechanism. (tracked asCVE-2021-22048)

Read More
CISA urges users to update necessary patches in Cisco Products
CISA urges users to update necessary patches in Cisco Products

25 Jul 2022

On 22ndJuly 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory on Cisco Systems Inc. addressing multiple vulnerabilities in Cisco products. Threat actors could exploit by allowing an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack.

Read More
Critical Vulnerability in Confluence Server and Data center
Critical Vulnerability in Confluence Server and Data center

22 Jul 2022

Atlassian disclosed a critical vulnerability tracked asCVE-2022-26134on 2nd June 2022. This is a Critical severity unauthenticated remote code execution vulnerability in Confluence Server and Data Center.

Read More
Google Patches Zero – day Vulnerability in Chrome
Google Patches Zero – day Vulnerability in Chrome

11 Jul 2022

Google on last Monday 4thJuly 2022 released an emergency chrome update to fix a high severity zero – day attack. The flaw is tracked asCVE-2022-2294is a Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01. The result of successful heap overflow exploitation enables attackers to execute arbitrary code to bypass security solutions on unpatched Chrome versions and will lead to program crashes.

Read More
Amazon has Fixed a High Severity Vulnerability in Amazon Photos Android App
Amazon has Fixed a High Severity Vulnerability in Amazon Photos Android App

5 Jul 2022

On 28th June 2022, Checkmarx has reported that Amazon Inc’s Amazon Photos Android app has a high-severity broken authentication vulnerability affecting user who have downloaded. This malicious app steals the users Amazon access token. Currently, 50 million has downloaded this app on the Google Play Store.

Read More
CISA urges organizations to update Firefox, Firefox ESR, and Thunderbird
CISA urges organizations to update Firefox, Firefox ESR, and Thunderbird

4 Jul 2022

On 28thJune 2022, The Mozilla Foundation has released patch to fix multiple vulnerabilities in Firefox, Firefox ESR, and Thunderbird.

Read More
Ransomware Exploiting Mitel VOIP Zero-Day
Ransomware Exploiting Mitel VOIP Zero-Day

27 Jun 2022

On June 23rd2022 Crowdstrike released a report mentioning about a zero-day exploit tracked as CVE-2022-29499 (CVSS v3 score: 9.8 – critical).  This vulnerability is used to perform remote code execution (RCE) in Mitel Service Appliance component of MiVoice Connect, used in SA 100, SA 400, and Virtual SA. And is used to gain initial access to the network.

Read More
Adobe patched 46 Security Flaws in a Wide Range of Enterprise-facing Software Products
Adobe patched 46 Security Flaws in a Wide Range of Enterprise-facing Software Products

20 Jun 2022

On Patch Tuesday release for June, Adobe released multiple security advisories to address 46 vulnerabilities in a wide range of enterprise-facing software products. The Most critical is the code execution flaws that expose macOS and Windows users to malicious attacks. The flaws affect Adobe Animate, Adobe Bridge, Adobe Illustrator, Adobe InCopy, Adobe InDesign, and RoboHelp Server.

Read More