Monthly Archives: February 2022

Threat Advisory – November 22-28

Data Breach

CYSEC NEWS Tracked as CVE-2021-41379 and discovered by security researcher Abdelhamid Naceri, the elevation of privilege flaw affecting the Windows Installer software component was originally resolved as part of Microsoft’s Patch Tuesday updates for November 2021 However, in what’s a case of an insufficient patch, Naceri found that it was not only possible to bypass […]

Threat Advisory – February 15-22

OPIA Labs - Threat Advisory

FEBRUARY 15-22 CYSEC NEWS WordPress has taken the rare step of force-updating the UpdraftPlus plugin on all sites to fix a high-severity vulnerability allowing website subscribers to download the latest database backups, which often contain credentials and PII. The vulnerability affects UpdraftPlus versions 1.16.7 to 1.22.2, and the developers fixed it with the release of […]