Google says Barcelona-based spyware vendor Variston planted spyware by exploiting zero-day flaws in Chrome, Firefox, and Windows between 2018 and 2022 (Carly Page/TechCrunch)

November 30, 2022

Carly Page / TechCrunch:
Google says Barcelona-based spyware vendor Variston planted spyware by exploiting zero-day flaws in Chrome, Firefox, and Windows between 2018 and 2022 — A Barcelona-based company that bills itself as a custom security solutions provider exploited several zero-day vulnerabilities in Windows …

Categories: Uncategorized

Microsoft releases 68 security fixes, including patches for six actively exploited Windows zero-day flaws and 11 vulnerabilities classified as Critical (Lawrence Abrams/BleepingComputer)

Lawrence Abrams / BleepingComputer:
Microsoft releases 68 security fixes, including patches for six actively exploited Windows zero-day flaws and 11 vulnerabilities classified as Critical — Today is Microsoft’s November 2022 Patch Tuesday, and with it comes fixes for six actively exploited Windows vulnerabilities and a total of 68 flaws.

November 9, 2022

Microsoft releases 63 security fixes, including patches for two zero-day flaws, one of which is under active exploit, and five critical RCE vulnerabilities (Lawrence Abrams/BleepingComputer)

Lawrence Abrams / BleepingComputer:
Microsoft releases 63 security fixes, including patches for two zero-day flaws, one of which is under active exploit, and five critical RCE vulnerabilities — Today is Microsoft’s September 2022 Patch Tuesday, and with it comes fixes for an actively exploited Windows vulnerability and a total of 63 flaws.

September 14, 2022

Google updates Chrome to address an actively exploited high-severity zero-day vulnerability in Mojo, its sixth patch for zero-day vulnerabilities in 2022 (Sergiu Gatlan/BleepingComputer)

Sergiu Gatlan / BleepingComputer:
Google updates Chrome to address an actively exploited high-severity zero-day vulnerability in Mojo, its sixth patch for zero-day vulnerabilities in 2022 — Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux users to address a single high-severity security flaw …

September 6, 2022

Microsoft confirms two zero-day vulnerabilities in Exchange Server 2013, 2016, and 2019 are being exploited; one researcher suspects a Chinese threat actor (Sergiu Gatlan/BleepingComputer)

Sergiu Gatlan / BleepingComputer:
Microsoft confirms two zero-day vulnerabilities in Exchange Server 2013, 2016, and 2019 are being exploited; one researcher suspects a Chinese threat actor — Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild.

September 30, 2022

Cisco Talos: the Lazarus group exploited Log4j to compromise VMware Horizon and target energy providers in the US, Canada, and Japan from February to July 2022 (Carly Page/TechCrunch)

Carly Page / TechCrunch:
Cisco Talos: the Lazarus group exploited Log4j to compromise VMware Horizon and target energy providers in the US, Canada, and Japan from February to July 2022 — Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers …

September 9, 2022

Fortinet confirms a critical remote authentication bypass vulnerability in FortiOS, FortiProxy, and FortiSwitchManager is being exploited; a patch is available (Sergiu Gatlan/BleepingComputer)

Sergiu Gatlan / BleepingComputer:
Fortinet confirms a critical remote authentication bypass vulnerability in FortiOS, FortiProxy, and FortiSwitchManager is being exploited; a patch is available — Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild.

October 10, 2022

Related Articles