Critical vulnerabilities have been discovered in these devices. No exploits have been reported in the wild – but patches are available – so get patching. Critical flaws in ‘millions of Aruba, Avaya switches’ • The Register
CISA updates to be aware for Cisco devices and Google Chrome
Google Releases Security Updates for Chrome | CISA Cisco Releases Security Updates for Multiple Products | CISA These advisories are issued by the US Government’s Cybersecurity and Infrastructure Security Agency (CISA). The usual applies – check your cybersecurity business information, to see if this impacts you and then get it …
Continue reading “CISA updates to be aware for Cisco devices and Google Chrome”
Linux vulnerability – Nimbuspwn UPDATED 28 April 2022
This post was first made on 27 April 2022 Here is an article from Microsoft examining an issue with Linux, where user privileges can be elevated by stringing together a number of vulnerabilities. Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn – Microsoft Security Blog If you use Linux …
Continue reading “Linux vulnerability – Nimbuspwn UPDATED 28 April 2022”
Zero-Days are back in the news
Zero-Days – will always be a problem and both Google and Mandiant are reporting rises in such exploitations in 2021. I have reported on this before but the point that comes out in Bruce Schneier’s piece is the numbers these research groups are reporting are detected or declared Zero-Days. What …
VMware make sure you have it patched
I have written a couple of time about the vulnerabilities in VMware – they are patched now but the article below shows there are groups still trying to attack those organisations, slow to patch, with an active exploit. Iran’s Rocket Kitten likely behind VMware exploitation • The Register Why bother. …
