CISA said a remote attacker could exploit the vulnerability to take control of an affected system.
Source: Read More (Latest topics for ZDNet in Security)
You might be interested in …
Daily NCSC-FI news followup 2021-09-27
AWS EC2 North Virginia outage makes the net blippy www.zdnet.com/article/aws-ec2-north-virginia-outage-makes-the-net-blippy/ Signal falls over while Xero and Nest got a bit iffy when the main AWS EC2 region had degraded performance. FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/ NOBELIUM uses FoggyWeb to remotely exfiltrate the configuration database of compromised AD FS servers, decrypted token-signing […]
[ZDNet] Microsoft July 2021 Patch Tuesday: 117 vulnerabilities, Pwn2Own Exchange Server bug fixed
Over 100 CVEs, many of which lead to RCE, have been tackled this month. Source: Read More (Latest topics for ZDNet in Security)
[TheRecord] Web skimmers hit 300+ sites hidden inside Google Tag Manager containers
Threat actors have abused a legitimate feature of the Google Tag Manager service to secretly add and deploy malicious JavaScript code to more than 300 e-commerce stores since March this year. The malicious code—called a “web skimmer” or “Magecart script”—was used to collect the payment card details of online shoppers, data that was later offered […]