Security News > 2021 > July > Week in review: PoC for Windows Print Spooler flaw leaked, conquering synthetic identity fraud

Week in review: PoC for Windows Print Spooler flaw leaked, conquering synthetic identity fraud
2021-07-04 08:00

PoC for critical Windows Print Spooler flaw leakedMicrosoft has confirmed that the so-called PrintNightmare vulnerability is not the same flaw as the previously patched CVE-2021-1675, and that the leaked PoC exploits can be used to exploit this RCE zero-day.

Cisco security devices targeted with CVE-2020-3580 PoC exploitAttackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.

XDR: Security's new frontierEnabling enterprises to go above and beyond typical security functionality, extended detection and response provides a much simpler, single pane of glass view that seamlessly integrates multiple security products into one system.

New security measures to keep Google Play safeGoogle is announcing two new security measures aimed at minimizing the number of malicious / potentially unwanted apps available for download from the Google Play Store: additional Android developer identification requirements and 2-step verification.

Consumers neglecting mobile security despite growing number of threatsA new McAfee report reveals that 49% of U.S. consumers do not use mobile security software to protect their sensitive data, thus leaving them vulnerable to these increasingly advanced cyberattacks.

Download: The CISO's Guide to Third-Party Security ManagementIn this comprehensive guide, we provide the direction you need to make your organization's third-party security program efficient and scalable.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/O0XSxBlclz0/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-08 CVE-2021-1675 Unspecified vulnerability in Microsoft products
Windows Print Spooler Remote Code Execution Vulnerability
0.0
2020-10-21 CVE-2020-3580 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.
network
low complexity
cisco CWE-79
6.1