Cyber Risk Services

Mozilla has fixed three high-severity flaws with the release of Firefox 81 and Firefox ESR 78.3.

https://t.co/D6tL5fDjWe

Organizations should prioritize patching over detection when it comes to Zerologon, a recently disclosed privilege escalation vulnerability in Microsoft’s Windows server operating system.

https://t.co/KpMRf6yw04

Apple has updated its iOS and iPadOS operating systems, which addressed a wide range of flaws in its iPhone, iPad and iPod devices.

https://t.co/e3riF9YxXV

Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies’ Active Directory domain controllers (DCs).

https://t.co/9BTogwQAso

Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers.

https://t.co/LhY63PVsUV

A high-severity Bluetooth vulnerability has been uncovered, which could enable an unauthenticated attacker within wireless range to eavesdrop or alter communications between paired devices.

https://t.co/43RFr8W06R

A cluster of vulnerabilities known as Ripple20 pose a major threat to IT environments, according to new research by a Seattle enterprise cyber-analytics company.

https://t.co/sFqqPnPCR9

Palo Alto Networks has fixed nine vulnerabilities in its PAN-OS operating system for versions 8.1 or later.

https://t.co/yBwDd0UqCw

The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall.

https://t.co/Crp6tEhDqX

Adobe has released fixes addressing five critical flaws in its popular Experience Manager content-management solution for building websites, mobile apps and forms.

https://t.co/DLEwR3hIXx