Cybersecurity Starts in the Boardroom
Make sure your Google Chrome patching is up to date. Google has just released a patch to fix a flaw in Chrome that was being actively exploited by threat actors. The attack is directed at the WebRTC system – which is a component used in web based comms, so avoid …
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft vulnerability to it’s Known Exploited Vulnerabilities Catalog: CISA Adds One Known Exploited Vulnerability to Catalog | CISA This vulnerability was addressed in June’s Microsoft Patch Tuesday. Guidance on Applying June Microsoft Patch | CISA
The 2022, list of the most dangerous software has been published at Common Weakness Enumeration (CWE): CWE – 2022 CWE Top 25 Most Dangerous Software Weaknesses (mitre.org) Who are CWE: Common Weakness Enumeration (CWEâ„¢) is a community-developed list of common software and hardware weakness types that have security ramifications. CWE …
The US Cybersecurity and Infrastructure Security Agency has added eight new vulnerabilities to it’s Known Exploited Vulnerabilities Catalog. CISA Adds Eight Known Exploited Vulnerabilities to Catalog   | CISA
It seems a long time ago that the Log4Shell vulnerability was discovered. A vulnerability that had far reaching consequences as many systems used this framework for their logging functionality. The US Cybersecurity and Infrastructure Security Agency(CISA) with the United States Coast Guard Cyber Command (CGCYBER) has issued an advisory of …
Continue reading “Log4Shell is still an exploited vulnerability”
