by Fortify Security Team | Feb 24, 2021 | Open Source News
Title: Exploitation of Accellion File Transfer Appliance Date Published: February 24, 2021 https://us-cert.cisa.gov/ncas/alerts/aa21-055a Excerpt: “One of the exploited vulnerabilities (CVE-2021-27101) is an SQL injection vulnerability that allows an unauthenticated...
by Fortify Security Team | Feb 22, 2021 | Open Source News
Title: Mandiant Identifies Criminal Threat Actor and Mode of Attacks Date Published: February 22, 2021 https://www.accellion.com/company/press-releases/accellion-provides-update-to-fta-security-incident-following-mandiants-preliminary-findings/ Excerpt: “Mandiant, a...
by Fortify Security Team | Feb 11, 2021 | Open Source News
Title: Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple Date Published: February 10, 2021 https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 Also See: Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of...
by Fortify Security Team | Feb 2, 2021 | Advisories
OVERVIEW: Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. tvOS is an operating system for the fourth-generation Apple TV digital media player. watchOS is the mobile operating system...
