There are many, many users of VMware, I use it, so any vulnerability is critical especially as the VMware is designed for controlling systems! VMware warns of three critical flaws in remote-control tool • The Register
CISA adds seven vulnerabilities to the Known Exploited Vulnerabilities Catalog
The US government Cybersecurity and Infrastructure Security Agency has issued security advisories for Microsoft and Samsung products: CISA Adds Seven Known Exploited Vulnerabilities to Catalog | CISA
CISA security advisories
The US government Cybersecurity and Infrastructure Security Agency has issued a range of security advisories: Cisco Releases Security Updates for Multiple Products | CISA Apple Releases Security Update for Xcode | CISA OpenSSL Releases Security Update | CISA
A couple of stories about supply chain compromise
The first is that threat actors have compromised a media company and are using its infrastructure to distribute malware: Hundreds of U.S. news sites push malware in supply-chain attack (bleepingcomputer.com) The company has not yet been named but the attack has impacted to many hundreds of news sites. The second …
Continue reading “A couple of stories about supply chain compromise”
Catching up with US Cybersecurity and Infrastructure Security Agency latest advisories
Whilst I have been away CISA has continued issuing useful advice. It added a Google Chromium vulnerability to the Known Exploited Vulnerabilities Catalog. Google Chromium is an open–source browser project and is behind many widely used browsers including Google Chrome and Microsoft Edge. CISA Has Added One Known Exploited Vulnerability …
