Outages and Vulnerabilities

Apple has released a critical update with urgent security fixes. This update responds to three zero-day vulnerabilities that have been actively exploited by cybercriminals.

The latest 3CX desktop client (not the web client) has been compromised in the backend allowing malicious actors to connect to laptop and desktop PCs remotely.

Recently Microsoft announced a critical privilege escalation vulnerability impacting devices with Outlook installed. 

Microsoft has recently announced two critical zero-day vulnerabilities affecting on-premise exchange servers.

This week Microsoft acknowledged an emerging threat posed by the vulnerability dubbed “Follina”. This is a zero-day vulnerability is triggered by opening malicious Microsoft Office documents.

Sophos has patched a remote code execution (RCE) vulnerability in the Firewall product line.

There is currently a critical vulnerability in Log4j, a ubiquitous logging tool included in almost every application that uses Java (a common programming language).