The US Government, Cybersecurity and Infrastructure Security Agency (CISA) has added Microsoft Windows and RAR (zip software), vulnerabilities to it’s database. CISA Adds Two Known Exploited Vulnerabilities to Catalog  | CISA
CISA security update advisories
The US Cybersecurity and Infrastructure Security Agency has two security advisories: Adobe Releases Security Updates for Multiple Products | CISA VMware Releases Security Updates | CISA
Yesterday was Patch Tuesday – Exchange server gets a special mention
Microsoft has issued it’s monthly round of patches and updates, SANS Internet Storm Centre has a round-up here: Microsoft August 2022 Patch Tuesday – SANS Internet Storm Center This update addresses the DogWalk zero-day vulnerability. Here are the Microsoft release notes: August 2022 Security Updates – Release Notes – Security …
Continue reading “Yesterday was Patch Tuesday – Exchange server gets a special mention”
Where do threat actors get the email addresses for phishing attacks?
They steal them: Email marketing firm hacked to steal crypto-focused mailing lists (bleepingcomputer.com) Email marketing firms are prime targets.
Personal data leaked in another “sophisticated” attack
First see what I have to say about “sophisticated attacks” then we will get into this leak of personal information by an organisation that should have a reasonable spend on cyber-security! Twilio – a communications and phone company based in San Francisco – is reluctant to give away much information on …
Continue reading “Personal data leaked in another “sophisticated” attack”
