UCSF IT Technology

Nozomi Networks has disclosed a potentially serious vulnerability affecting a C standard library used by several major companies. A remote attacker could perform DNS poisoning attacks against the target device.

Google has released Chrome version 101.0.4951.41 for Windows, Mac, and Linux. A remote attacker could exploit this vulnerability to take control of an affected system.

WSO2 has updated a security advisory to address a Critical vulnerability, with indications of exploitation, impacting multiple products. An attacker could exploit this vulnerability to perform unrestricted arbitrary file upload, and remote code execution.

CISA, the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) warn advanced persistent threat (APT) actors can gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices using custom-made tools. Successful exploitation of this vulnerability could allow a remote attacker to access and control ICS/SCADA Devices.

Google has released Chrome version 100.0.4896.88 for Windows, Mac, and Linux. An attacker could exploit these vulnerabilities to compromise an affected system. For a complete description of the vulnerabilities and effected systems, visit Chrome Release Note.

Google has released Chrome version 100.0.4896.75 for Windows, Mac, and Linux. An attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and effected systems, visit Chrome Release Note. IT Security

Google has released Chrome version 100.0.4896.60 for Windows, Mac, and Linux. A remote attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and effected systems, visit Chrome Release Note. IT Security

CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptible power supply (UPS) devices. The default credentials are not updated on a device.

Attacks have surged on Raspberry Pi prompting experts to recommend Raspberry and Linux users to change default passwords on their machines.  Bot-driven attempts to hijack systems using default credentials is surging.

Google has released Chrome version 99.0.4844.74 for Windows, Mac, and Linux. A remote attacker could exploit the vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and effected systems, visit Chrome Release Note.