Cyber Risk Services

A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host’s registry or users’ cloud-account credentials. The flaw (CVE-2020-15157) is located in the container image-pulling process.

https://t.co/CAi5B1am1a

Business software giant Oracle is urging customers to update their systems in the October release of its quarterly Critical Patch Update (CPU), which fixes 402 vulnerabilities across various product families.

https://t.co/O5SnB4wmR4

Cisco has stomped out a slew of high-severity vulnerabilities across its lineup of network-security products. The most severe flaws can be exploited by an unauthenticated, remote attacker to launch a passel of malicious attacks.

https://t.co/zNXel5sEEg

Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things (IoT) devices.

https://t.co/eWrjlfa7hm

Microsoft has pushed out fixes for 87 security vulnerabilities in October – 11 of them critical – and one of those is potentially wormable.

https://t.co/GSOn9buaYb

Adobe is warning of a critical vulnerability in its Flash Player application for users on Windows, macOS, Linux and ChromeOS operating systems.

https://t.co/nlMrR1Atve

Cybercriminals are chaining Microsoft’s Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns.

https://t.co/WwrJ4i4bpw

Ethical hackers so far have earned nearly $300K in payouts from the Apple bug-bounty program for discovering 55 bugs, 11 of them critical, during a three-month hack.

https://t.co/Yrx6G9pACQ

Two flaws in Microsoft’s cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks.

https://t.co/P0F7Gm93TR

Google has released patches addressing high-severity flaws in its System component. The flaws could be remotely exploited to gain access to additional permissions.

https://t.co/tWw0LeUFX8