Tag: vulnerability

Choosing your MSP: What the Kaseya incident tells us about third‑party cyber risk

July 14, 2021

Lessons to learn from the Kaseya cyberincident to protect your business’ data when doing business with a MSP. Managed service providers (MSPs) play a critical role in the IT ecosystem. By outsourcing many of their day-to-day IT requirements to these companies, smaller organizations in particular can save costs, improve service levels and focus more resources … More Choosing your MSP: What the Kaseya incident tells us about third‑party cyber risk

Microsoft issues patch to fix PrintNightmare zero‑day bug

July 9, 2021

The out-of-band update fixes a remote code execution flaw affecting the Windows Print Spooler service. Microsoft on Wednesday released an emergency update to plug a vulnerability in  the Windows Print Spooler service that is being actively exploited in the wild. Dubbed PrintNightmare, the zero-day security flaw affects all versions of the Microsoft Windows operating system going back … More Microsoft issues patch to fix PrintNightmare zero‑day bug

ESET joins ranks as a CVE Numbering Authority (CNA)

June 29, 2021

Working in concert with the Common Vulnerabilities and Exposures (CVE®) Program, ESET, the leading Europe-based endpoint protection platform vendor, is authorized by the CVE Program as a CVE Numbering Authority (CNA). Organizations designated as CNAs are responsible for the assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the vulnerability in … More ESET joins ranks as a CVE Numbering Authority (CNA)

Google fixes actively exploited Chrome zero‑day

June 11, 2021

The latest Chrome update patches a bumper crop of security flaws across the browser’s desktop versions. Google has rolled out an update for its Chrome web browser to fix a bunch of security flaws, including a zero-day vulnerability that is known to be actively exploited by threat actors. The bugs affect the Windows, macOS, and … More Google fixes actively exploited Chrome zero‑day

Zero‑day in popular WordPress plugin exploited to take over websites

June 4, 2021

Websites using Fancy Product Designer are susceptible to remote code execution attacks even if the plugin is deactivated. Cybercriminals have been actively exploiting a zero-day vulnerability in Fancy Product Designer, a WordPress plugin used by more than 17,000 websites, according to a blog post by Defiant, which makes Wordfence security plugins for the web publishing platform. Attackers … More Zero‑day in popular WordPress plugin exploited to take over websites