IT Management and Policies | Smart Thinking Solutions

13 July 202213 July 2022

Yesterday was Microsoft Patch Tuesday – get it done and check everyone else is getting it done as well…

software patches are essential cybersecurity

It is that time again – among the fixes and patches from Microsoft, for July 2022 is one addressing CVE-2022-22047, Windows Elevation of Privilege Vulnerability – according to Microsoft a zero-day flaw that is being exploited by threat actors. For more details see Bleeping Computer’s excellent round-up of Patch Tuesday: …

Continue reading “Yesterday was Microsoft Patch Tuesday – get it done and check everyone else is getting it done as well…”

15 June 202215 June 2022

Microsoft Patch Tuesday – Follina zero-day fixed

We will start with the good news – the zero-day threat Follina/msdt.exe has been patched. Let’s hope that it really is the fix we all need! Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws (bleepingcomputer.com) There are other fixes in the update, for Excel, Edge, Microsoft networking etc …

Continue reading “Microsoft Patch Tuesday – Follina zero-day fixed”

18 May 202228 April 2023

CISA joint advisory on access control. Are you still missing MFA?

The US Cybersecurity and Infrastructure Security Agency has issued a joint advisory with the cyber security organisations from the UK, New Zealand, Netherlands and Canada listing ten regularly exploited weak security controls, poor configurations, and bad practices that allow threat actors to compromise networks. Here is the article: Weak Security …

Continue reading “CISA joint advisory on access control. Are you still missing MFA?”

18 May 202218 May 2022

CISA updates on Apache and two more vulnerabilities added to their database – UPDATED 18 May 2022

The vulnerabilities are for Zyxel firewalls and VMWare Spring Cloud. CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA The Apache issue is with Tomcat: Apache Releases Security Advisory for Tomcat | CISA Researchers, NSA cybersecurity director warn of hackers targeting Zyxel vulnerability – The Record by Recorded Future

13 May 202213 May 2022

CISA notification – Adobe releases multiple updates

Adobe Releases Security Updates for Multiple Products | CISA

12 May 202212 May 2022

CISA – Google Chrome updates for all platforms and Microsoft Patch Tuesday

Yesterday the US Cybersecurity and Infrastructure Security Agency (CISA) has issued and advisory for Google Chrome patches: Google Releases Security Updates for Chrome | CISA They also posted their Microsoft Patch Tuesday advisory: Microsoft Releases May 2022 Security Updates | CISA

10 May 202211 May 2022

Patch Tuesday – May 2022

Here is SANS’ excellent round-up of Microsoft’s Patch Tuesday: Microsoft May 2022 Patch Tuesday – SANS Internet Storm Centre There are the usual array of issues that Microsoft is fixing be they become an issue – one of the Windows patches fixes Windows LSA, this impacts the authentication of accounts …

Continue reading “Patch Tuesday – May 2022”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.