Whilst I have been away CISA has continued issuing useful advice. It added a Google Chromium vulnerability to the Known Exploited Vulnerabilities Catalog. Google Chromium is an open–source browser project and is behind many widely used browsers including Google Chrome and Microsoft Edge. CISA Has Added One Known Exploited Vulnerability …
The US Cybersecurity and Infrastructure Security Agency issues security advisories for Apple and Samba
The notice for Apple covers: iOS 16.1 and iPadOS 16 macOS Big Sur 11.7.1 macOS Monterey 12.6.1 macOS Ventura 13 Safari 16.1 tvOS 16.1 watchOS 9.1 Apple Releases Security Updates for Multiple Products | CISA Samba is software that allows Windows devices to communicate with Linux and Unix devices. Samba …
Do you use Cisco AnyConnect? If so make sure you have ALL the clients patched.
Threat actors are carrying out massive attacks, looking for unpatched Cisco AnyConnect Windows clients: Cisco AnyConnect Windows client under active attack • The Register
CISA adds seven vulnerabilities to the Known Exploited Vulnerabilities Catalog
There are only six in this post – covering multiple Cisco and GIGABYTE products, but if you check the database this is also an alert for an Apple iOS and iPadOS Out-of-Bounds Write Vulnerability: CISA Adds Six Known Exploited Vulnerabilities to Catalog | CISA
Apple patching everything
Sans Internet Storm Diary has a good round-up of the latest Apple software/OS updates and patches: Apple Patches Everything: October 2022 Edition – SANS Internet Storm Center These updates should happen automatically, but it is your responsibility to make sure they actually happen – so check.
