CISA is the US government’s Cybersecurity and Infrastructure Security Agency and a very good source cyber security and software patching information. Last week they posted several software patching updates and known vulnerabilities that are being exploited and mitigations for them. Samba Releases Security Updates for Multiple Versions of Samba | …
Available for sale – a toolkit to steal credentials
AlienFox is a malicious modular toolkit that threat actors can buy via a private Telegram channel. New AlienFox toolkit steals credentials for 18 cloud services (bleepingcomputer.com) The malware can be configured to scan for misconfigured servers and steal authentication details and credentials for a range of popular cloud-based services such …
Continue reading “Available for sale – a toolkit to steal credentials”
Patch your QNAP NAS now!
QNAP is a popular brand of soho NAS, available widely on Amazon. QNAP have released a security patch to fix a serious flaw, that if exploited could give threat actors administrator control of your device and information. QNAP warns customers to patch Linux Sudo flaw in NAS devices (bleepingcomputer.com)
I know why you cannot send email anymore…
…if you run your own onsite Exchange server. Keeping onsite Exchange servers up to date and patched was a labour intensive task, when our support team used to do it – now we no longer support any on premise Exchange servers it is a relief for the team. But for …
Continue reading “I know why you cannot send email anymore…”
Apple – patch everything
This includes some older iPhones and iPads – with iOS 15 and 16 and iPadOS 15 and 16 getting updates – and the Studio Display: Apple Updates Everything – SANS Get them done. Not sure you need to do this? Here is an example of a data stealer specifically aimed …