Please see Security Advisories for the week ending January 15, 2021 Microsoft Releases January 2021 Security Updates Cisco Releases Security Updates for Multiple Products Apache Releases Security Advisory for Tomcat Juniper Networks Releases Security Updates for Multiple Products Adobe Releases Security Updates for Multiple Products Mozilla Releases Security Update for Thunderbird SAP Releases January 2021 Security Updates ________________________________ Microsoft Releases January 2021 Security Updates Situation Microsoft has released its monthly security… Read More
Security Advisory Roll Up: Week Ending January 8, 2021
Please see Security Advisories for the week ending January 8, 2021 Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR Google Releases Security Updates for Chrome CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise ________________________________ Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR Situation Mozilla has found vulnerabilities and released security updates for Firefox, Firefox for Android, and… Read More
Security Advisory Roll Up: Week Ending January 1, 2021
Please see Security Advisories for the week ending January 1, 2021 Zyxel releases firmware update for hardcoded credential vulnerability Google Revealed Sickly Patched Windows Zero-Day Vulnerability ________________________________ Zyxel releases firmware update for hardcoded credential vulnerability Situation Over 100,000 Zyxel firewalls, VPN gateways, and access point controllers are vulnerable due to a secret hardcoded administrative backdoor account used to update the devices firmware. Problem This vulnerability is due to a hardcoded credential for an… Read More
Security Advisory: Veritas OpenSSL Vulnerability in NetBackup and OpsCenter for Windows
Please note: This vulnerability affects NetBackup customers on Windows Only Veritas OpenSSL Vulnerability in NetBackup and OpsCenter for Windows Situation Veritas has found a vulnerability in NetBackup and OpsCenter that could allow attackers to remotely run code as administrator Problem Veritas has found 2 potential vulnerabilities in NetBackup and OpsCenter that could allow remote attackers to exploit the vulnerabilities, and remotely compromise the system by running programs as administrator. The first… Read More
Security Advisory Roll Up: Week Ending December 18, 2020
Please see Security Advisories for the week ending December 18, 2020 Critical Advisory: Zero-Day Vulnerability in HPE Systems Insight Manager Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird Apple Releases Security Updates for Multiple Products ________________________________ Critical Advisory: Zero-Day Vulnerability in HPE Systems Insight Manager Situation A zero-day exploit was found in HPE System Insight Manager software from Hewlett Packard a advisory was written and released detailing the exploit… Read More
Critical Security Advisory: Active Exploitation of SolarWinds Software Observed in the Wild
CRITICAL Advisory: Active Exploitation of SolarWinds Orion Software Observed in the Wild Situation SolarWinds has found highly sophisticated, manual exploitations for versions 2019.4 to 2020.2.1 of SolarWinds Orion products. This attack is extremely targeted and manually executed and is likely performed by a nation state. Problem The threat actor primarily leverages a malware commonly known as SUNBURST to conduct a global supply-chain attack against the SolarWinds Orion platform. Implication The… Read More
Security Advisory Roll Up: Week Ending December 11, 2020
Please see Security Advisories for the week ending December 11, 2020 Active Exploitation of SolarWinds Software Observed in the Wild Cisco Releases Security Updates for Jabber Desktop and Mobile Client Software Adobe has releases security updates for multiple products Palo Alto Networks has published 3 new Security Advisories CERT/CC Releases Information on Vulnerabilities Affecting Open-Source TCP/IP Stacks OpenSSL Releases Security Update Microsoft Releases December 2020 Security Updates SAP Releases December 2020… Read More
Security Advisory: FireEye Hacked: What have we done
Security Advisory: FireEye Hacked: what have we done We have been investigating the impact and implications of the recent FireEye Hack, which resulted in the bad actors absconding with the FireEye Red Team Tools. Our product team has combed through the findings from FireEye and have implemented appropriate countermeasures. I would like to S.P.I.N. * the situation for you. Situation There’s a lot of press about this event which outlines the… Read More
Critical Security Advisory: Fortinet VPN Vulnerability Actively Being Exploited
CRITICAL: Fortinet VPN Vulnerability Actively Being Exploited Situation A Fortinet VPN vulnerability (CVE-2018-13379) has been seen actively being exploited to steal VPN credentials. Problem The vulnerability (CVE-2018-13379) is a path traversal flaw impacting a large number of unpatched Fortinet FortiOS SSL VPN devices. This vulnerability can allow unauthenticated remote attackers access to system files via specially crafted HTTP requests. An exploit has been posted by a hacker that lets an attacker access… Read More
Security Advisory Roll Up: Week Ending December 4, 2020
Please see Security Advisories for the week ending December 4, 2020 Apache Releases Security Advisory for Apache Tomcat Mozilla Releases Security Update for Thunderbird VMware Releases Security Updates for several products Apple Releases Security Updates for iCloud for Windows Xerox Releases Security Updates for DocuShare ________________________________ Apache Releases Security Advisory for Apache Tomcat Situation Apache has released a security advisory addressing a bug in Apache Tomcat. Affected versions: Apache Tomcat 10.0.0-M1… Read More
- 1
- 2
- 3
- …
- 8
- Next Page »