Executive Summary Informations Name CVE-2021-2234 First vendor Publication 2021-04-22 Vendor Cve Last vendor Modification 2021-04-22 Security-Database Scoring CVSS v3 Cvss vector : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Overall CVSS Score 5.3 Base Score 5.3 Environmental Score 5.3 impact SubScore 3.6 Temporal Score 5.3 Exploitabality Sub Score 1.6 Attack Vector Network Attack Complexity High Privileges Required Low User Interaction…
Security hardware manufacturer SonicWall is urging customers to patch a set of three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products. “In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild,’” SonicWall said in a security advisory published earlier today. The company said it’s “imperative” that organizations using…
Deep Instinct Closes $100 Million Series D New Funding to Fuel Hyper-Growth | IT Security News 22. April 2021 BlackRock funds lead investment as company positions itself as the next fastest-growing cybersecurity solutions provider with an aggressive growth trajectory. NEW YORK (April 22, 2021) – Deep Instinct, the first company to apply end-to-end deep learning, based…
At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. According to coordinated reports published by FireEye and Pulse Secure, two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors…
A new WhatsApp virus that promises to turn colour theme of your WhatsApp app to pink is being circulated. Internet security researcher Rajshekhar Rajaharia has warned against clicking on the APK link of the “WhatsApp Pink” Android app that is being circulated into groups. Also Read – WhatsApp ‘Stand up for Earth’ stickers introduced: How…
Endpoint Security , Internet of Things Security Standard Designed to Cut the Cost and Time to Securely Connect IoT Devices Prajeet Nair (@prajeetspeaks) • April 22, 2021 (Source: Pixabay) The Fido Alliance, an association that has developed voluntary authentication standards with a goal of minimizing the use of passwords, has launched an onboarding…
Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Stuart McKenzie of FireEye on the Importance of Testing Defenses Anna Delaney (annamadeline) • April 21, 2021 Stuart McKenzie, SVP, Mandiant Services, EMEA, FireEye Ransomware attacks now routinely feature multifaceted extortion efforts, and defenses need…
Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Agency Says Exploits Pose ‘Unacceptable Risk’ Scott Ferguson (Ferguson_Writes) • April 21, 2021 The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability…
Executive Summary Informations Name CVE-2021-20454 First vendor Publication 2021-04-21 Vendor Cve Last vendor Modification 2021-04-21 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.
