Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird | CISA
Zoom – just get it updated
What was a little known communication and collaboration product before the COVID-19 pandemic, has now become common place both in business and the home. Everything from music concerts, birthday parties, quizzes, government briefings and business meeting – some confidential and some not – have been held on Zoom all over …
I love patches as part of a cyber security plan – but there is a problem!
If the patch is not effective or worse it breaks something else whilst fixing the vulnerability. This happened to Microsoft: Microsoft fixes Windows authentication woes • The Register But you still have to run those patches and updates as an unpatched system is a target for threat actors. Better to …
Continue reading “I love patches as part of a cyber security plan – but there is a problem!”
CISA joint advisory on access control. Are you still missing MFA?
The US Cybersecurity and Infrastructure Security Agency has issued a joint advisory with the cyber security organisations from the UK, New Zealand, Netherlands and Canada listing ten regularly exploited weak security controls, poor configurations, and bad practices that allow threat actors to compromise networks. Here is the article: Weak Security …
Continue reading “CISA joint advisory on access control. Are you still missing MFA?”
CISA updates on Apache and two more vulnerabilities added to their database – UPDATED 18 May 2022
The vulnerabilities are for Zyxel firewalls and VMWare Spring Cloud. CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA The Apache issue is with Tomcat: Apache Releases Security Advisory for Tomcat | CISA Researchers, NSA cybersecurity director warn of hackers targeting Zyxel vulnerability – The Record by Recorded Future