I have written a couple of time about the vulnerabilities in VMware – they are patched now but the article below shows there are groups still trying to attack those organisations, slow to patch, with an active exploit. Iran’s Rocket Kitten likely behind VMware exploitation • The Register Why bother. …
Exchange servers at risk and being exploited right now
An offshoot of the Hive ransomware gang is actively trying the exploit Exchange servers – if you have one then you or your IT team have to ensure patches and other basic security precautions are in place. Hive ransomware affiliate zeros in on Exchange servers • The Register
CISA adds several Windows vulnerabilities to the ” Known Exploited Vulnerabilities Catalogue”
The US Government, Cybersecurity and Infrastructure Security Agency (CISA) has added several new Microsoft Windows, vulnerabilities to it’s database. These all need patches – so again it is a good time to check that your “auto-updating” is working or time to get an Octagon IT monitoring package and let experts monitor the …
Bug bounties are a vendor’s shortcut to software vulnerabilities – UPDATED 26 April 2022
This post was first published on 19 April 2022 Following up on the article below, here is a real world example of bug bounties working to improve cybersecurity. The US Government’s Department of Homeland Security (DHS) worked with a group of cyber security analysts, who uncovered 122 vulnerabilities in the …
Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022
This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …
Continue reading “Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022”
