When we undertake any cyber security survey, and we ask about software, we know the greatest amount of work we will have to do, is when the client says “we had this written for us” or we use this “open source software”. (We will not get into Android apps or …
VMWare is a real cyber security issue – fix it or get rid of it CISA warns
This is pretty simple – do you use VMWare if so get it patched or change it. The Spring Cloud framework vulnerability is proving a honey pot for attackers. CISA issues directive for exploited VMware bug after IR team deployed to ‘large’ org – The Record by Recorded Future Patch …
Continue reading “VMWare is a real cyber security issue – fix it or get rid of it CISA warns”
VMware make sure you have it patched
I have written a couple of time about the vulnerabilities in VMware – they are patched now but the article below shows there are groups still trying to attack those organisations, slow to patch, with an active exploit. Iran’s Rocket Kitten likely behind VMware exploitation • The Register Why bother. …
Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022
This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …
Continue reading “Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022”
The log4j threat has not gone away
Here is an attack in the world targeting machines with malicious rootkits. Even though their code is poor, it is still an issue. Linux botnet exploits Log4j flaw to hijack Arm, x86 systems • The Register Log4j at Smart Thinking Solutions
This is what happens when you do not run patches and updates
The Information Commissioner’s Office has issued a £98,000 penalty to Tuckers Solicitors based in London. The solicitors firm suffered a ransomware attack where confidential information including, PII and case material was lost. UK lawyer fined for not patching fast enough before attack • The Register
Apple software updates released
Apple has released security and patch updates for their operating systems across most of it’s devices. These updates also include new features across the devices, Macs, iPhones and iPads. The advice, as always, is get the updates ASAP – patched devices are always more secure. iOS 15.4 and macOS 12.3 …