The US government Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft Office/Windows HTML vulnerability to its Known Exploited Vulnerabilities Catalog. CISA Adds One Known Exploited Vulnerability to Catalog | CISA And from Microsoft: Storm-0978 attacks reveal financial and espionage motives | Microsoft Security Blog
Cyber Security Advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued notices for updates for the products. Cisco Releases Security Update for SD-WAN vManage API | CISA Juniper Releases Multiple Security Updates for Juno OS | CISA You probably do not use these, but do you or someone in your …
Get that patching done
CISA – The US government Cybersecurity and Infrastructure Security Agency – is one of my trusted sources of information when it comes to software and firmware vulnerabilities and patching. Patching It is the week of Microsoft Patch Tuesday – here is the CISA advisory for Microsoft products: Microsoft Releases July …
MOVEit updates
The flaw in the MOVEit file transfer software has caused a series of major cyber security breaches around the world – now there are patches for further issues: Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities | CISA You may not use MOVEit, but your takeaway from this is …
Android Exploit Needs Patching
I ended last week with an infected Android app, now there is an advisory from CISA to patch a vulnerable Android driver: CISA warns govt agencies to patch actively exploited Android driver (bleepingcomputer.com) NVD – CVE-2021-29256 (nist.gov) Android devices that are used by employees as “BYOD” devices are always difficult …
