Vulnerability Risk Service

Microsoft has spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server.

https://t.co/YLRiB7bjHj

A critical vulnerability in Cisco Systems’ intersite policy manager software could allow a remote attacker to bypass authentication.

https://t.co/uuQkjqqdGr

Microsoft released a new servicing stack update (KB5001078) after an older one caused problems for Windows users installing Patch Tuesday security updates.

https://t.co/389xN3YiYC

A cross-site request forgery (CSRF) vulnerability in the Cisco Digital Network Architecture (DNA) Center could open enterprise users to remote attack and takeover. The high-severity security vulnerability (CVE-2021-1257) allows CSRF attacks.

https://t.co/ZIywPn6tjj

SonicWall is investigating 'probable' zero-day flaws in its remote access security products that have been targeted by 'highly-sophisticated' attackers. The company says it is investigating the attack and will update customers within 24 hours.

https://t.co/sOfW7Fiei1

Cisco is warning of multiple, critical vulnerabilities in its software-defined networking for wide-area networks (SD-WAN) solutions for business users.

https://t.co/alkQb7ClmB

Microsoft addressed 10 critical bugs, one under active exploit and another publicly known, in its January Patch Tuesday roundup of fixes. In total it patched 83 vulnerabilities.

https://t.co/XvVd1xhxKB

Adobe Systems has patched seven critical vulnerabilities, which impact Windows, macOS and Linux users. The impact of the serious flaws range from arbitrary code execution to sensitive information disclosure.

https://t.co/OAaRNstvCw

Brinqa wins gold medal honors in two categories of the 2020 ASTORS Homeland Security Awards Programs from American Security Today.

https://t.co/HUghBwpnrT