Joomla! releases an update to address remote code execution vulnerability actively being exploited. Read the details here.
Cisco issues two advisories for Java deserialisation and prime collaboration assurance vulnerabilities:
Advisory for PCA — read the details here.
Advisory for Java Deserialisation — read the details here.
FireEye discovered a remote code execution vulnerability while working with Googles Project Zero team that impacted their NX, EX, FX and AX series products. Read their press release here.
Android SMS hijacker app is branded as RSA SecurID.
RSA Announcement — read the details here.
What is the impact of the breach, globally there are 10s of thousands of MongoDB databases wide open without passwords to protect the data. Read more about this here.
A 21 year old British man is arrested in the VTech Breach. You can read more about this story here.
Security Humour for Geeks:
GCHQ Christmas Puzzle: