Cybersecurity Starts in the Boardroom
GitHub is a valuable resource to software developers and so it is a key tool being used in many software supply chains. And we now know how vulnerable we all are to software supply chain hacking – look at this example. So my response when I saw this was the …
Continue reading “GitHub to require 2FA for all users by end of 2023!”
The UK’s National Cyber Security Centre with it’s partners in the Five Eyes, has issued an advisory for the top exploited software vulnerabilities in 2021 – meaning they could continue being the top exploits in 2022. 2021 Top Routinely Exploited Vulnerabilities | CISA Microsoft Exchange server, VMware, SonicWall and Log4j …
I have written a couple of time about the vulnerabilities in VMware – they are patched now but the article below shows there are groups still trying to attack those organisations, slow to patch, with an active exploit. Iran’s Rocket Kitten likely behind VMware exploitation • The Register Why bother. …
This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …
Continue reading “Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022”
Hackers have been actively working to exploit the Spring4Shell vulnerability – now it has been detected in the wild deploying the Mirai botnet. Spring4Shell under active exploit by Mirai botnet herders • The Register CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware (trendmicro.com) …
Continue reading “Spring4Shell in the wild executing the Mirai botnet”
A serious vulnerability in VMware has been discovered: VMSA-2021-0029 (vmware.com) As the article on The Register says “ignore this at your peril”. Over Log4j? VMware has another critical flaw for you to fix • The Register
