Zyxel have issued critical updates for some essential cyber security devices. Check your business cybersecurity plan to see if you are impacted and if so – get the updates done. Zyxel patches critical vulnerability that can allow Firewall and VPN hijacks | Ars Technica You do not have a business …
Patch Tuesday
Patch Tuesday was yesterday – and I am patching away as should you be. Microsoft March 2022 Patch Tuesday – SANS Internet Storm Centre Microsoft patches 71 security vulnerabilities, 3 critical • The Register Watch out for those patches for Exchange Server if you have one. I thought I had …
Azure flaw found, reported and fixed before it was exploited… probably
AutoWarp was discovered and reported by Orca Security to Microsoft, who patched it, before its widespread exploitation. Microsoft Azure flaw allowed unauthorized account access • The Register AutoWarp would have given unauthorised access to Azure Automation Services.
Dirty Pipe – the next in what is becoming a procession of Linux vulnerabilities and this one is bad
This is a high-severity vulnerability in the Linux kernel that could allow untrusted users root access. Linux has been bitten by its most high-severity vulnerability in years | Ars Technica Linux distributions patch kernel privilege escalation flaw • The Register Dirty Pipe has been listed among the most serious Linux threats …
Amazon Alexa hijacked but it is now patched – updated
This was originally posted on 4 March 2022 I put this more academic article up, as a Saturday read, for some background into home automation and smart devices: Home automation and Smart Devices – some questions to be answered – Smart Thinking Solutions Now today there is an article on …
Continue reading “Amazon Alexa hijacked but it is now patched – updated”