Ce nouveau fil de sécurité est une ressource pour les MSP et les professionnels de l’informatique qui leur permet de se tenir au courant des dernières nouvelles en matière de cybersécurité et des alertes de vulnérabilité liées aux systèmes d’exploitation, aux navigateurs, aux VPN et aux RDP. Protégez votre entreprise et vos clients en suivant l’actualité relative à la sécurité.

Justice Department Develops Task Force to Target Ransomware

Wednesday, May 5, 2021

The Justice Department’s task force will work to protect individuals and businesses from ransomware attacks before they happen.

Read the full blog here:
Justice Department Develops Task Force to Target Ransomware

Leaders in Cyber Security: Q&A with Mark Lee and Sramana Mitra

Wednesday, May 5, 2021

Splashtop CEO and Chief Evangelist Mark Lee joins Sramana Mitra, Founder and CEO of One Million by One Million (1Mby1M), for a Q&A on Splashtop’s history and cybersecurity.

Read the full blog here:
Leaders in Cyber Security: Q&A with Mark Lee and Sramana Mitra

Firefox Security Update Released (88.0.1)

Wednesday, May 5, 2021

Mozilla has released Firefox version 88.0.1 for Windows, Mac, Linux, and Android. This update includes fixes for a critical security issue. Users should update as soon as possible to avoid potential exploitation.

Important links:
How to update Firefox to the latest release
Firefox 88.0.1 Release Notes

iOS Security Updates Released (14.5.1)

Monday, May 3, 2021

Apple has released iOS 14.5.1 with fixes for two critical WebKit vulnerabilities.

Updates for WatchOS should also be installed.

iOS 12.5.3 was also released to support older devices like iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).

These vulnerabilities are being actively exploited in the wild. Users should update as soon as possible to avoid potential exploitation.

Important links:
How to update iOS
iOS 14.5.1 Release Notes
iOS 12.5.3 Release Notes
How to update watchOS
watchOS 7.4.1 Release Notes

MacOS Security Updates Released (11.3.1)

Monday, May 3, 2021

Apple has released MacOS Big Sur 11.3.1 with fixes for two critical WebKit vulnerabilities.

Apple has also released security updates for Safari 14.1 on MacOS Catalina and MacOS Mojave that should be installed using the Mac App Store.

These vulnerabilities are being actively exploited in the wild. Users should update as soon as possible to avoid potential exploitation.

Important links for MacOS Big Sur users:
How to update MacOS
MacOS 11.3.1 Release Notes

Important links for MacOS Catalina and MacOS Mojave users:
How to update Safari
Safari 14.1 Release Notes

Pulse Connect Secure VPN Patches Critical RCE Vulnerabilities

Monday, May 3, 2021

Pulse Secure released updates for Pulse Connect Secure to fix multiple critical remote code execution (RCE) vulnerabilities that can lead to complete system compromise.

These vulnerabilities are known to be actively exploited in the wild. System administrators are urged update immediately.

Read the full details here:
Out-of-Cycle Advisory: Multiple Vulnerabilities Resolved in Pulse Connect Secure 9.1R11.4

Android OS Security Update Released (2021-05-05)

Monday, May 3, 2021

Android devices should be updated to security patch levels of 2021-05-05 or later to address multiple critical and high severity vulnerabilities.

Important links:
How to check & update your Android version
Android Security Bulletin — May 2021

The Samba Team Patches Vulnerabilities in Samba 4.14.4, 4.13.8 and 4.12.15

Thursday, April 29, 2021

The Samba Team has released security updates to address a vulnerability in multiple versions of Samba. An attacker could exploit this vulnerability to gain unauthorized access to files.

Read the full details here:
Samba 4.14.4, 4.13.8 and 4.12.15 Security Releases

F5 Patches Authentication Bypass Vulnerability in BIG-IP APM AD Auth

Wednesday, April 28, 2021

F5 announced patches for BIG-IP to fix a high priority authentication bypass vulnerability in APM AD auth.

An APM access policy configured with AD authentication and SSO (single sign-on) agent could be vulnerable to attacks where a spoofed credential can result in local administrator access.

System administrators are urged to update BIG-IP as soon as possible.

Important links:
BIG-IP APM AD authentication vulnerability CVE-2021-23008
BIG-IP update and upgrade guide
Frequently asked questions for upgrade and update videos

Cisco Patches DoS Vulnerability for ASA and FTD VPN Software

Wednesday, April 28, 2021

Cisco has released software updates to fix a denial of service vulnerability that affects Cisco products using Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software that have a vulnerable AnyConnect VPN or WebVPN configuration.

Attackers could exploit this vulnerability to cause a buffer overflow condition on the affected system, which could disclose data fragments or cause the device to reload, resulting in a denial of service (DoS) condition.

Cisco devices should be updated immediately to avoid potential exploitation.

Read the full details here:
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability

Email Alerts