Ransomware launched on a system encrypts all user files and locks out the user with a demand note for anonymous online payment to restore access. Cybercriminals are mainly targeting Windows platform users.
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a Command Injection Vulnerability in the administrative configurator. VMware has evaluated this issue to be of 'Important' severity with a maximum CVSSv3 base score of 7.2.
The cPanel security team released an update that addresses the 2FA bypass vulnerability.
The Drupal security team released a security update to address a critical drupal core Remote Code Execution Vulnerability.
Google released a security update (Chrome version 86.0.4240.111) that addresses high severity vulnerabilities affecting the Google Chrome bowser on Linux, Mac and Windows computers. We strongly urge all users to immediately update their browser.
Cisco security released patches that address 17 vulnerabilities (high severity) for appliances that include Adaptive Security Appliance (ASA), Firepower Threat Defence (FTD) and Firepower Management Center (FMC).