The flaw in the MOVEit file transfer software has caused a series of major cyber security breaches around the world – now there are patches for further issues: Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities | CISA You may not use MOVEit, but your takeaway from this is …
Android Exploit Needs Patching
I ended last week with an infected Android app, now there is an advisory from CISA to patch a vulnerable Android driver: CISA warns govt agencies to patch actively exploited Android driver (bleepingcomputer.com) NVD – CVE-2021-29256 (nist.gov) Android devices that are used by employees as “BYOD” devices are always difficult …
CISA Security Advisories
Regular readers know that I use the US government Cybersecurity and Infrastructure Security Agency (CISA) website as a reliable source of information on software and hardware vulnerabilities. Ones that impact the organisations we support are escalated to our support team, then I write about those and the rest here, for …
Microsoft Teams – a way in for malicious software
Us and about 280 million other people use Microsoft Teams for communications and collaboration, depending on it to be secure. Generally it is – but of course researchers have found that exception – and it is not hard to exploit! Microsoft Teams bug allows malware delivery from external accounts (bleepingcomputer.com) …
Continue reading “Microsoft Teams – a way in for malicious software”
Reduce that Attack Surface
The US government Cybersecurity and Infrastructure Security Agency (CISA) is one of our go to location for information about exploited vulnerabilities and patching – the type of resource I discuss in this week’s CyberAwake article: The Zero-day Threat – What can you do about it? Keeping up with these issues …
