Cybersecurity Starts in the Boardroom
I have written about this Microsoft Word vulnerability earlier this week: New attack using Microsoft Office documents – could you or your team recognise it? – Smart Thinking Solutions There is still not patch – but Microsoft has issued some mitigation guidance: Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability …
Continue reading “Microsoft guidance for Office zero-day vulnerability – Follina”
I have written about the usefulness and the threat that Microsoft Office document macros can pose to your cyber security. This flaw, called Follina, exploits Office functionality to retrieve an HTML file, and Microsoft Support Diagnostic Tool (MSDT) to run some malicious code, which can lead to privilege escalation attacks. …
A new malware strain known as Cheerscrypt or Cheers, is targeting a VMware enterprise virtualisation tool – VMware ESXi systems. Ransomware Cheerscrypt targets VMware ESXi systems • The Register
These Cybersecurity and Infrastructure Security Agency advisories, cover a number of packages – possibly the one of most interest is Drupal – a popular website content manager, similar to WordPress. Drupal Releases Security Updates | CISA Citrix Releases Security Updates for ADC and Gateway | CISA
The US Cybersecurity and Infrastructure Security Agency is having a busy week of updating it’s Known Exploited Vulnerabilities Catalog: CISA Adds 34 Known Exploited Vulnerabilities to Catalog | CISA Microsoft and Adobe figure strongly on the list today but there are other products there – go and check. There is …
