Cybersecurity Starts in the Boardroom
There is an actively exploited zero-day flaw being reported, that Microsoft has not yet patched – so have a look at GTSC’s blog post: Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server | GTSC (gteltsc.vn) The post also includes some temporary mitigation whilst waiting …
Continue reading “Do you operate an Exchange Server? Is it patched and up to date?”
CISA Has Added One Known Exploited Vulnerability to Catalog | CISA
US Cybersecurity and Infrastructure Security Agency has issued advisories for various security updates: Microsoft Releases Out-of-Band Security Update for Microsoft Endpoint Configuration Manager | CISA Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird | CISA
This is a classic supply chain attack. UK based FishPig, seller of Magento WordPress integrations, ecommerce software has discovered that its distribution server had been compromised, which allowed threat actors backdoor access to the customer’s systems. The ecommerce software is believed to be used by more than 200,000 websites. Breach …
These include products from Google, D-Link, QNAP, Apple, MicroTik, Oracle, Fortinet, Netgear and Android, with D-Link getting the most mentions. CISA Adds Twelve Known Exploited Vulnerabilities to Catalog | CISA
