Alerts
Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.
Critical Vulnerability in Realtek Devices Affects Millions of Devices
29 Aug 2022
A critical vulnerability tracked asCVE-2022-27255was reported to be affecting the network devices of Realtek’s SDK system.
Read More
Apple releases fix zero-day vulnerabilities used in attacks
26 Aug 2022
On 18thAugust 2022 Apple Inc. released a security update for a zero-day vulnerability exploited in Safari 15.6.1 for macOS Big Sur and Catalina to hack Macs.
Read More
Microsoft August 2022 Patch Tuesday
10 Aug 2022
Microsoft August 2022 Patch Tuesday (9th August 2022) released patches for 2 zero-day vulnerabilities and 121 vulnerabilities.
Read More
Django release patches for SQL Injection Vulnerability
2 Aug 2022
A security advisory was released by Django project on a high severity SQL (structured query language ) Injection vulnerability. The vulnerability is tracked asCVE-2022-34265and affect Django’s main branch and versions 4.1, 4.0, and 3.2.
Read More
VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
1 Aug 2022
VMware finally released patch after eight months of disclosing the high severity vulnerability in VMware vCenter Server’s Integrated Windows Authentication (IWA) authentication mechanism. (tracked asCVE-2021-22048)
Read More
CISA urges users to update necessary patches in Cisco Products
25 Jul 2022
On 22ndJuly 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory on Cisco Systems Inc. addressing multiple vulnerabilities in Cisco products. Threat actors could exploit by allowing an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack.
Read More
Critical Vulnerability in Confluence Server and Data center
22 Jul 2022
Atlassian disclosed a critical vulnerability tracked asCVE-2022-26134on 2nd June 2022. This is a Critical severity unauthenticated remote code execution vulnerability in Confluence Server and Data Center.
Read More
Google Patches Zero – day Vulnerability in Chrome
11 Jul 2022
Google on last Monday 4thJuly 2022 released an emergency chrome update to fix a high severity zero – day attack. The flaw is tracked asCVE-2022-2294is a Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01. The result of successful heap overflow exploitation enables attackers to execute arbitrary code to bypass security solutions on unpatched Chrome versions and will lead to program crashes.
Read More
Amazon has Fixed a High Severity Vulnerability in Amazon Photos Android App
5 Jul 2022
On 28th June 2022, Checkmarx has reported that Amazon Inc’s Amazon Photos Android app has a high-severity broken authentication vulnerability affecting user who have downloaded. This malicious app steals the users Amazon access token. Currently, 50 million has downloaded this app on the Google Play Store.
Read More
CISA urges organizations to update Firefox, Firefox ESR, and Thunderbird
4 Jul 2022
On 28thJune 2022, The Mozilla Foundation has released patch to fix multiple vulnerabilities in Firefox, Firefox ESR, and Thunderbird.
Read More
Ransomware Exploiting Mitel VOIP Zero-Day
27 Jun 2022
On June 23rd2022 Crowdstrike released a report mentioning about a zero-day exploit tracked as CVE-2022-29499 (CVSS v3 score: 9.8 – critical). This vulnerability is used to perform remote code execution (RCE) in Mitel Service Appliance component of MiVoice Connect, used in SA 100, SA 400, and Virtual SA. And is used to gain initial access to the network.
Read More
Adobe patched 46 Security Flaws in a Wide Range of Enterprise-facing Software Products
20 Jun 2022
On Patch Tuesday release for June, Adobe released multiple security advisories to address 46 vulnerabilities in a wide range of enterprise-facing software products. The Most critical is the code execution flaws that expose macOS and Windows users to malicious attacks. The flaws affect Adobe Animate, Adobe Bridge, Adobe Illustrator, Adobe InCopy, Adobe InDesign, and RoboHelp Server.
Read More