CISA – The US government Cybersecurity and Infrastructure Security Agency – is one of my trusted sources of information when it comes to software and firmware vulnerabilities and patching. Patching It is the week of Microsoft Patch Tuesday – here is the CISA advisory for Microsoft products: Microsoft Releases July …
MOVEit updates
The flaw in the MOVEit file transfer software has caused a series of major cyber security breaches around the world – now there are patches for further issues: Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities | CISA You may not use MOVEit, but your takeaway from this is …
Android Exploit Needs Patching
I ended last week with an infected Android app, now there is an advisory from CISA to patch a vulnerable Android driver: CISA warns govt agencies to patch actively exploited Android driver (bleepingcomputer.com) NVD – CVE-2021-29256 (nist.gov) Android devices that are used by employees as “BYOD” devices are always difficult …
CISA Security Advisories
Regular readers know that I use the US government Cybersecurity and Infrastructure Security Agency (CISA) website as a reliable source of information on software and hardware vulnerabilities. Ones that impact the organisations we support are escalated to our support team, then I write about those and the rest here, for …
Microsoft Teams – a way in for malicious software
Us and about 280 million other people use Microsoft Teams for communications and collaboration, depending on it to be secure. Generally it is – but of course researchers have found that exception – and it is not hard to exploit! Microsoft Teams bug allows malware delivery from external accounts (bleepingcomputer.com) …
Continue reading “Microsoft Teams – a way in for malicious software”