Cybersecurity Starts in the Boardroom
The US Cybersecurity and Infrastructure Security Agency has issued a joint advisory with the cyber security organisations from the UK, New Zealand, Netherlands and Canada listing ten regularly exploited weak security controls, poor configurations, and bad practices that allow threat actors to compromise networks. Here is the article: Weak Security …
Continue reading “CISA joint advisory on access control. Are you still missing MFA?”
The vulnerabilities are for Zyxel firewalls and VMWare Spring Cloud. CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA The Apache issue is with Tomcat: Apache Releases Security Advisory for Tomcat | CISA Researchers, NSA cybersecurity director warn of hackers targeting Zyxel vulnerability – The Record by Recorded Future
The BPFdoor malware has been undetected in the wild for more than five years – infecting Linux and Solaris systems. The malware can give remote access to the shell and complete control to a compromised system. BPFdoor: Stealthy Linux malware bypasses firewalls for remote access (bleepingcomputer.com) The twist with this …
WatchGuard – a market leader in security devices – appears to have kept a significant vulnerability secret – although it did patch the issue. WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers | Ars Technica If they patched the issue, then surely everything is fine. Well no. …
Zyxel have issued critical updates for some essential cyber security devices. Check your business cybersecurity plan to see if you are impacted and if so – get the updates done. Zyxel patches critical vulnerability that can allow Firewall and VPN hijacks | Ars Technica You do not have a business …
